From 055f6455e8a1751e91b93b68b8bd36a85943471b Mon Sep 17 00:00:00 2001 From: Vincent Date: Thu, 26 Oct 2023 15:46:09 -0400 Subject: [PATCH] Prepare the release 1.12 for operator (#1614) * Change 1.11 into 1.12 * Updated the manifests * Update the test cases for security guards * Update the manifests for 1.12 --- .../{1.8 => 1.12}/ceph/ceph.yaml | 8 +- .../{1.8 => 1.12}/github/github.yaml | 50 +- .../{1.8 => 1.12}/gitlab/gitlab.yaml | 44 +- .../kafka/eventing-kafka-controller.yaml | 589 +- .../kafka/eventing-kafka-post-install.yaml | 402 +- .../kafka/eventing-kafka-source.yaml | 22 +- .../rabbitmq/rabbitmq-source.yaml | 59 +- .../{1.8 => 1.12}/redis/redis-source.yaml | 12 +- .../{1.8 => 1.12}/contour/net-contour.yaml | 32 +- .../{1.8 => 1.12}/istio/net-istio.yaml | 136 +- .../{1.8 => 1.12}/kourier/kourier.yaml | 161 +- .../{1.8.1 => 1.12.0}/1-eventing-crds.yaml | 427 +- .../{1.8.2 => 1.12.0}/2-eventing-core.yaml | 666 +- .../1.12.0/3-eventing-tls-networking.yaml | 205 + .../4-in-memory-channel.yaml} | 176 +- .../5-mt-channel-broker.yaml} | 203 +- .../6-eventing-post-install.yaml} | 17 +- .../1.8.0/1-eventing-crds.yaml | 2296 ------ .../1.8.0/2-eventing-core.yaml | 4640 ----------- .../1.8.0/3-in-memory-channel.yaml | 1215 --- .../1.8.0/4-mt-channel-broker.yaml | 675 -- .../1.8.1/2-eventing-core.yaml | 4640 ----------- .../1.8.1/3-in-memory-channel.yaml | 1215 --- .../1.8.1/5-eventing-post-install.yaml | 231 - .../1.8.2/1-eventing-crds.yaml | 2296 ------ .../1.8.2/3-in-memory-channel.yaml | 1215 --- .../1.8.2/4-mt-channel-broker.yaml | 675 -- .../1.8.2/5-eventing-post-install.yaml | 231 - .../1.8.3/1-eventing-crds.yaml | 2296 ------ .../1.8.3/2-eventing-core.yaml | 4640 ----------- .../1.8.3/4-mt-channel-broker.yaml | 675 -- .../1.8.3/5-eventing-post-install.yaml | 231 - .../1.8.4/1-eventing-crds.yaml | 2296 ------ .../1.8.4/2-eventing-core.yaml | 4640 ----------- .../1.8.4/3-in-memory-channel.yaml | 1215 --- .../1.8.4/4-mt-channel-broker.yaml | 675 -- .../1.8.4/5-eventing-post-install.yaml | 231 - .../1.8.5/1-eventing-crds.yaml | 2296 ------ .../1.8.5/2-eventing-core.yaml | 4640 ----------- .../1.8.5/3-in-memory-channel.yaml | 1215 --- .../1.8.5/4-mt-channel-broker.yaml | 675 -- .../1.8.5/5-eventing-post-install.yaml | 231 - .../1.8.6/1-eventing-crds.yaml | 2296 ------ .../1.8.6/2-eventing-core.yaml | 4640 ----------- .../1.8.6/3-in-memory-channel.yaml | 1215 --- .../1.8.6/4-mt-channel-broker.yaml | 675 -- .../1.8.6/5-eventing-post-install.yaml | 231 - .../1.8.7/1-eventing-crds.yaml | 2296 ------ .../1.8.7/2-eventing-core.yaml | 4640 ----------- .../1.8.7/3-in-memory-channel.yaml | 1215 --- .../1.8.7/4-mt-channel-broker.yaml | 675 -- .../1.8.7/5-eventing-post-install.yaml | 231 - .../1.8.8/1-eventing-crds.yaml | 2296 ------ .../1.8.8/2-eventing-core.yaml | 4640 ----------- .../1.8.8/3-in-memory-channel.yaml | 1215 --- .../1.8.8/4-mt-channel-broker.yaml | 675 -- .../1.8.8/5-eventing-post-install.yaml | 231 - .../{1.8.2 => 1.12.0}/1-serving-crds.yaml | 504 +- .../{1.8.6 => 1.12.0}/2-serving-core.yaml | 1268 +-- .../{1.8.0 => 1.12.0}/3-serving-hpa.yaml | 26 +- .../4-serving-post-install-jobs.yaml | 9 +- .../knative-serving/1.8.0/1-serving-crds.yaml | 4032 ---------- .../knative-serving/1.8.0/2-serving-core.yaml | 6917 ---------------- .../1.8.0/4-serving-post-install-jobs.yaml | 70 - .../knative-serving/1.8.1/1-serving-crds.yaml | 4032 ---------- .../knative-serving/1.8.1/2-serving-core.yaml | 6917 ---------------- .../knative-serving/1.8.1/3-serving-hpa.yaml | 112 - .../1.8.1/4-serving-post-install-jobs.yaml | 70 - .../knative-serving/1.8.2/2-serving-core.yaml | 6917 ---------------- .../knative-serving/1.8.2/3-serving-hpa.yaml | 112 - .../knative-serving/1.8.3/1-serving-crds.yaml | 4032 ---------- .../knative-serving/1.8.3/2-serving-core.yaml | 6917 ---------------- .../knative-serving/1.8.3/3-serving-hpa.yaml | 112 - .../1.8.3/4-serving-post-install-jobs.yaml | 70 - .../knative-serving/1.8.4/1-serving-crds.yaml | 4032 ---------- .../knative-serving/1.8.4/2-serving-core.yaml | 6920 ----------------- .../knative-serving/1.8.4/3-serving-hpa.yaml | 112 - .../1.8.4/4-serving-post-install-jobs.yaml | 70 - .../knative-serving/1.8.5/1-serving-crds.yaml | 4032 ---------- .../knative-serving/1.8.5/2-serving-core.yaml | 6920 ----------------- .../knative-serving/1.8.5/3-serving-hpa.yaml | 112 - .../1.8.5/4-serving-post-install-jobs.yaml | 70 - .../knative-serving/1.8.6/1-serving-crds.yaml | 4032 ---------- .../knative-serving/1.8.6/3-serving-hpa.yaml | 112 - .../1.8.6/4-serving-post-install-jobs.yaml | 70 - go.mod | 16 +- go.sum | 34 +- hack/update-codegen.sh | 2 +- .../knativeserving/security/security_test.go | 2 +- .../knativeserving/security/securityguard.go | 2 +- .../{1.8.0 => 1.12.0}/serving-core.yaml | 0 test/e2e-common.sh | 4 +- .../{ => v2}/pbutil/LICENSE | 0 .../{ => v2}/pbutil/NOTICE | 0 .../{ => v2}/LICENSE | 0 .../{ => v2}/NOTICE | 0 .../{ => v2}/pbutil/.gitignore | 0 .../{ => v2}/pbutil/Makefile | 0 .../{ => v2}/pbutil/decode.go | 16 +- .../{ => v2}/pbutil/doc.go | 0 .../{ => v2}/pbutil/encode.go | 5 +- .../prometheus/common/expfmt/decode.go | 2 +- .../prometheus/common/expfmt/encode.go | 2 +- .../google.golang.org/api/internal/version.go | 2 +- .../api/storage/v1/storage-api.json | 387 +- .../api/storage/v1/storage-gen.go | 1595 +++- vendor/google.golang.org/grpc/README.md | 2 +- .../grpc/attributes/attributes.go | 4 +- .../grpc/balancer/balancer.go | 15 + .../grpc/balancer/grpclb/grpclb.go | 50 +- .../grpc/balancer/grpclb/grpclb_picker.go | 9 - .../balancer/grpclb/grpclb_remote_balancer.go | 49 +- .../grpc/balancer/grpclb/grpclb_util.go | 61 - vendor/google.golang.org/grpc/clientconn.go | 18 +- vendor/google.golang.org/grpc/dialoptions.go | 5 +- .../grpc/encoding/encoding.go | 13 +- .../health/grpc_health_v1/health_grpc.pb.go | 22 +- .../grpc/internal/backoff/backoff.go | 36 + .../grpc/internal/internal.go | 6 + .../grpc/internal/status/status.go | 28 + .../grpc/internal/transport/handler_server.go | 13 +- .../grpc/internal/transport/http2_client.go | 13 +- .../grpc/internal/transport/http2_server.go | 14 +- .../grpc/internal/transport/http_util.go | 18 +- .../grpc/internal/transport/transport.go | 2 +- .../grpc/resolver/manual/manual.go | 119 + vendor/google.golang.org/grpc/server.go | 136 +- vendor/google.golang.org/grpc/tap/tap.go | 6 + vendor/google.golang.org/grpc/version.go | 2 +- vendor/google.golang.org/grpc/vet.sh | 3 + vendor/knative.dev/hack/codegen-library.sh | 4 +- vendor/modules.txt | 23 +- 132 files changed, 5663 insertions(+), 141341 deletions(-) rename cmd/operator/kodata/eventing-source/{1.8 => 1.12}/ceph/ceph.yaml (98%) rename cmd/operator/kodata/eventing-source/{1.8 => 1.12}/github/github.yaml (96%) rename cmd/operator/kodata/eventing-source/{1.8 => 1.12}/gitlab/gitlab.yaml (95%) rename cmd/operator/kodata/eventing-source/{1.8 => 1.12}/kafka/eventing-kafka-controller.yaml (69%) rename cmd/operator/kodata/eventing-source/{1.8 => 1.12}/kafka/eventing-kafka-post-install.yaml (63%) rename cmd/operator/kodata/eventing-source/{1.8 => 1.12}/kafka/eventing-kafka-source.yaml (95%) rename cmd/operator/kodata/eventing-source/{1.8 => 1.12}/rabbitmq/rabbitmq-source.yaml (96%) rename cmd/operator/kodata/eventing-source/{1.8 => 1.12}/redis/redis-source.yaml (98%) rename cmd/operator/kodata/ingress/{1.8 => 1.12}/contour/net-contour.yaml (84%) rename cmd/operator/kodata/ingress/{1.8 => 1.12}/istio/net-istio.yaml (85%) rename cmd/operator/kodata/ingress/{1.8 => 1.12}/kourier/kourier.yaml (78%) rename cmd/operator/kodata/knative-eventing/{1.8.1 => 1.12.0}/1-eventing-crds.yaml (83%) rename cmd/operator/kodata/knative-eventing/{1.8.2 => 1.12.0}/2-eventing-core.yaml (87%) create mode 100644 cmd/operator/kodata/knative-eventing/1.12.0/3-eventing-tls-networking.yaml rename cmd/operator/kodata/knative-eventing/{1.8.3/3-in-memory-channel.yaml => 1.12.0/4-in-memory-channel.yaml} (87%) rename cmd/operator/kodata/knative-eventing/{1.8.1/4-mt-channel-broker.yaml => 1.12.0/5-mt-channel-broker.yaml} (79%) rename cmd/operator/kodata/knative-eventing/{1.8.0/5-eventing-post-install.yaml => 1.12.0/6-eventing-post-install.yaml} (92%) delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.0/1-eventing-crds.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.0/2-eventing-core.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.0/3-in-memory-channel.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.0/4-mt-channel-broker.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.1/2-eventing-core.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.1/3-in-memory-channel.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.1/5-eventing-post-install.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.2/1-eventing-crds.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.2/3-in-memory-channel.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.2/4-mt-channel-broker.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.2/5-eventing-post-install.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.3/1-eventing-crds.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.3/2-eventing-core.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.3/4-mt-channel-broker.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.3/5-eventing-post-install.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.4/1-eventing-crds.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.4/2-eventing-core.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.4/3-in-memory-channel.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.4/4-mt-channel-broker.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.4/5-eventing-post-install.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.5/1-eventing-crds.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.5/2-eventing-core.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.5/3-in-memory-channel.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.5/4-mt-channel-broker.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.5/5-eventing-post-install.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.6/1-eventing-crds.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.6/2-eventing-core.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.6/3-in-memory-channel.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.6/4-mt-channel-broker.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.6/5-eventing-post-install.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.7/1-eventing-crds.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.7/2-eventing-core.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.7/3-in-memory-channel.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.7/4-mt-channel-broker.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.7/5-eventing-post-install.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.8/1-eventing-crds.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.8/2-eventing-core.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.8/3-in-memory-channel.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.8/4-mt-channel-broker.yaml delete mode 100644 cmd/operator/kodata/knative-eventing/1.8.8/5-eventing-post-install.yaml rename cmd/operator/kodata/knative-serving/{1.8.2 => 1.12.0}/1-serving-crds.yaml (90%) rename cmd/operator/kodata/knative-serving/{1.8.6 => 1.12.0}/2-serving-core.yaml (90%) rename cmd/operator/kodata/knative-serving/{1.8.0 => 1.12.0}/3-serving-hpa.yaml (83%) rename cmd/operator/kodata/knative-serving/{1.8.2 => 1.12.0}/4-serving-post-install-jobs.yaml (87%) delete mode 100644 cmd/operator/kodata/knative-serving/1.8.0/1-serving-crds.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.0/2-serving-core.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.0/4-serving-post-install-jobs.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.1/1-serving-crds.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.1/2-serving-core.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.1/3-serving-hpa.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.1/4-serving-post-install-jobs.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.2/2-serving-core.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.2/3-serving-hpa.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.3/1-serving-crds.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.3/2-serving-core.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.3/3-serving-hpa.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.3/4-serving-post-install-jobs.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.4/1-serving-crds.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.4/2-serving-core.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.4/3-serving-hpa.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.4/4-serving-post-install-jobs.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.5/1-serving-crds.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.5/2-serving-core.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.5/3-serving-hpa.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.5/4-serving-post-install-jobs.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.6/1-serving-crds.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.6/3-serving-hpa.yaml delete mode 100644 cmd/operator/kodata/knative-serving/1.8.6/4-serving-post-install-jobs.yaml rename pkg/reconciler/knativeserving/security/testdata/kodata/knative-serving/{1.8.0 => 1.12.0}/serving-core.yaml (100%) rename third_party/VENDOR-LICENSE/github.com/matttproud/golang_protobuf_extensions/{ => v2}/pbutil/LICENSE (100%) rename third_party/VENDOR-LICENSE/github.com/matttproud/golang_protobuf_extensions/{ => v2}/pbutil/NOTICE (100%) rename vendor/github.com/matttproud/golang_protobuf_extensions/{ => v2}/LICENSE (100%) rename vendor/github.com/matttproud/golang_protobuf_extensions/{ => v2}/NOTICE (100%) rename vendor/github.com/matttproud/golang_protobuf_extensions/{ => v2}/pbutil/.gitignore (100%) rename vendor/github.com/matttproud/golang_protobuf_extensions/{ => v2}/pbutil/Makefile (100%) rename vendor/github.com/matttproud/golang_protobuf_extensions/{ => v2}/pbutil/decode.go (83%) rename vendor/github.com/matttproud/golang_protobuf_extensions/{ => v2}/pbutil/doc.go (100%) rename vendor/github.com/matttproud/golang_protobuf_extensions/{ => v2}/pbutil/encode.go (91%) create mode 100644 vendor/google.golang.org/grpc/resolver/manual/manual.go diff --git a/cmd/operator/kodata/eventing-source/1.8/ceph/ceph.yaml b/cmd/operator/kodata/eventing-source/1.12/ceph/ceph.yaml similarity index 98% rename from cmd/operator/kodata/eventing-source/1.8/ceph/ceph.yaml rename to cmd/operator/kodata/eventing-source/1.12/ceph/ceph.yaml index 57a8ec2d80..175e7177b7 100644 --- a/cmd/operator/kodata/eventing-source/1.8/ceph/ceph.yaml +++ b/cmd/operator/kodata/eventing-source/1.12/ceph/ceph.yaml @@ -464,7 +464,7 @@ spec: containers: - name: controller terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing-ceph/cmd/controller@sha256:13880c80b3ed2a1f10e043c53b0ec0a93ec443df5e25746ebeb7f1e6d4673d47 + image: gcr.io/knative-releases/knative.dev/eventing-ceph/cmd/controller@sha256:6f0cdff22d25359323e6541a3c3b4d9872aed956658d6b0894345dbb54e72665 resources: requests: cpu: 100m @@ -481,7 +481,7 @@ spec: - name: METRICS_DOMAIN value: knative.dev/sources - name: CEPH_SOURCE_RA_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing-ceph/cmd/receive_adapter@sha256:a17153d21b07bc8faafef8f320ef12ce272888510d13938236ab61c18c96adfe + value: gcr.io/knative-releases/knative.dev/eventing-ceph/cmd/receive_adapter@sha256:356c3ccbe6e869eaa8b2f6558ea5fedf1d48f965f75c86a98ec65a334f80633c - name: POD_NAME valueFrom: fieldRef: @@ -620,7 +620,7 @@ spec: containers: - name: cephsource-webhook terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing-ceph/cmd/webhook@sha256:3e467865e79ce42af695bc3ed26f4dbf31413ad3a4bc81833e24a0352a513f17 + image: gcr.io/knative-releases/knative.dev/eventing-ceph/cmd/webhook@sha256:dcb89efeb32244464097f5cd195c4568279ae29a8c6163dad995a517211a3c22 env: - name: SYSTEM_NAMESPACE valueFrom: @@ -758,7 +758,7 @@ data: # logging.fluentd-sidecar-image provides the fluentd sidecar image # to inject as a sidecar to collect logs from /var/log. # Must be presented if logging.enable-var-log-collection is true. - logging.fluentd-sidecar-image: k8s.gcr.io/fluentd-elasticsearch:v2.0.4 + logging.fluentd-sidecar-image: registry.k8s.io/fluentd-elasticsearch:v2.0.4 # logging.fluentd-sidecar-output-config provides the configuration # for the fluentd sidecar, which will be placed into a configmap and diff --git a/cmd/operator/kodata/eventing-source/1.8/github/github.yaml b/cmd/operator/kodata/eventing-source/1.12/github/github.yaml similarity index 96% rename from cmd/operator/kodata/eventing-source/1.8/github/github.yaml rename to cmd/operator/kodata/eventing-source/1.12/github/github.yaml index 9429f2093a..063bce45bc 100644 --- a/cmd/operator/kodata/eventing-source/1.8/github/github.yaml +++ b/cmd/operator/kodata/eventing-source/1.12/github/github.yaml @@ -17,7 +17,7 @@ kind: Namespace metadata: name: knative-sources labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" --- # Copyright 2019 The Knative Authors @@ -40,7 +40,7 @@ metadata: name: github-controller-manager namespace: knative-sources labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" --- # Copyright 2019 The Knative Authors @@ -63,7 +63,7 @@ metadata: name: github-webhook namespace: knative-sources labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" --- # Copyright 2019 The Knative Authors @@ -85,7 +85,7 @@ kind: ClusterRole metadata: name: eventing-sources-github-controller labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" rules: # Sources admin - apiGroups: @@ -204,7 +204,7 @@ kind: ClusterRoleBinding metadata: name: eventing-sources-github-addressable-resolver labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" subjects: - kind: ServiceAccount name: github-controller-manager @@ -236,7 +236,7 @@ kind: ClusterRoleBinding metadata: name: eventing-sources-github-controller labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" subjects: - kind: ServiceAccount name: github-controller-manager @@ -266,7 +266,7 @@ kind: ClusterRoleBinding metadata: name: eventing-sources-github-podspecable-binding labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" subjects: - kind: ServiceAccount name: github-webhook @@ -296,7 +296,7 @@ kind: ClusterRoleBinding metadata: name: eventing-sources-github-webhook labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" subjects: - kind: ServiceAccount name: github-webhook @@ -326,7 +326,7 @@ kind: ClusterRole metadata: name: github-webhook labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" rules: # Sources admin - apiGroups: @@ -473,7 +473,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" duck.knative.dev/binding: "true" knative.dev/crd-install: "true" name: githubbindings.bindings.knative.dev @@ -526,7 +526,7 @@ kind: CustomResourceDefinition metadata: name: githubsources.sources.knative.dev labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" eventing.knative.dev/source: "true" duck.knative.dev/source: "true" knative.dev/crd-install: "true" @@ -605,6 +605,9 @@ spec: properties: spec: properties: + githubAPIURL: + description: URL for enterprise GitHub + type: string ownerAndRepository: description: Reference to the GitHub repository to receive events from, in the format user/repository. type: string @@ -728,6 +731,9 @@ spec: oneOf: - required: [ref] - required: [uri] + secure: + type: boolean + description: Secure can be set to true to configure the webhook to use https, or false to use http. Omitting it relies on the scheme of the Knative Service created. required: - ownerAndRepository - eventTypes @@ -785,7 +791,7 @@ metadata: name: github-controller namespace: knative-sources labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" control-plane: github-controller-manager spec: selector: @@ -815,7 +821,7 @@ metadata: name: github-controller-manager namespace: knative-sources labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" control-plane: github-controller-manager spec: selector: @@ -828,7 +834,7 @@ spec: spec: serviceAccountName: github-controller-manager containers: - - image: gcr.io/knative-releases/knative.dev/eventing-github/cmd/controller@sha256:ca06d26eccaf5d3d8aec9cc64779777dbb9722e99b7c240f182c566aadbcdb90 + - image: gcr.io/knative-releases/knative.dev/eventing-github/cmd/controller@sha256:aed1e165e2c596de43e4de31b0ce5e2ae246e2bb207089de56eba3498ecda242 name: manager env: - name: SYSTEM_NAMESPACE @@ -844,7 +850,7 @@ spec: - name: METRICS_DOMAIN value: knative.dev/sources - name: GH_RA_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing-github/cmd/receive_adapter@sha256:825feead64aab02ba8727bc8e61658b7a8918d6e9dd6a8b6469ade7c52a5c4d6 + value: gcr.io/knative-releases/knative.dev/eventing-github/cmd/receive_adapter@sha256:62c2f54f365aed77d2d39133d9d8c5d918944597a664b1308479981c53cda72a resources: requests: cpu: 100m @@ -874,7 +880,7 @@ kind: MutatingWebhookConfiguration metadata: name: defaulting.webhook.github.sources.knative.dev labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" webhooks: - admissionReviewVersions: - v1beta1 @@ -891,7 +897,7 @@ kind: ValidatingWebhookConfiguration metadata: name: validation.webhook.github.sources.knative.dev labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" webhooks: - admissionReviewVersions: - v1beta1 @@ -926,7 +932,7 @@ metadata: name: github-webhook-certs namespace: knative-sources labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" # The data is populated at install time. --- @@ -950,7 +956,7 @@ metadata: name: github-webhook namespace: knative-sources labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" spec: replicas: 1 selector: @@ -967,7 +973,7 @@ spec: containers: - name: github-webhook terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing-github/cmd/webhook@sha256:73ab340c9fac3c5d0dc075453a7c6ce2427733863c444b6bab2524c2cf65713b + image: gcr.io/knative-releases/knative.dev/eventing-github/cmd/webhook@sha256:7176881527b892722f6ce59ff307dc3eb0d3504d5a2988d3509fb58439e82ac9 env: - name: SYSTEM_NAMESPACE valueFrom: @@ -1031,7 +1037,7 @@ metadata: name: config-leader-election-github namespace: knative-sources labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" data: # An inactive but valid configuration follows; see example. resourceLock: "leases" @@ -1170,7 +1176,7 @@ data: # logging.fluentd-sidecar-image provides the fluentd sidecar image # to inject as a sidecar to collect logs from /var/log. # Must be presented if logging.enable-var-log-collection is true. - logging.fluentd-sidecar-image: k8s.gcr.io/fluentd-elasticsearch:v2.0.4 + logging.fluentd-sidecar-image: registry.k8s.io/fluentd-elasticsearch:v2.0.4 # logging.fluentd-sidecar-output-config provides the configuration # for the fluentd sidecar, which will be placed into a configmap and diff --git a/cmd/operator/kodata/eventing-source/1.8/gitlab/gitlab.yaml b/cmd/operator/kodata/eventing-source/1.12/gitlab/gitlab.yaml similarity index 95% rename from cmd/operator/kodata/eventing-source/1.8/gitlab/gitlab.yaml rename to cmd/operator/kodata/eventing-source/1.12/gitlab/gitlab.yaml index 5e96537037..ccaa19a774 100644 --- a/cmd/operator/kodata/eventing-source/1.8/gitlab/gitlab.yaml +++ b/cmd/operator/kodata/eventing-source/1.12/gitlab/gitlab.yaml @@ -17,7 +17,7 @@ kind: Namespace metadata: name: knative-sources labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" --- # Copyright 2020 The Knative Authors @@ -40,7 +40,7 @@ metadata: name: gitlab-controller-manager namespace: knative-sources labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" --- apiVersion: v1 kind: ServiceAccount @@ -48,7 +48,7 @@ metadata: name: gitlab-webhook namespace: knative-sources labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" --- # Copyright 2020 The Knative Authors @@ -70,7 +70,7 @@ kind: ClusterRole metadata: name: gitlabsource-manager-role labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" rules: - apiGroups: - sources.knative.dev @@ -143,7 +143,7 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: eventing-contrib-gitlab-source-observer labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" duck.knative.dev/source: "true" rules: - apiGroups: @@ -175,7 +175,7 @@ kind: ClusterRoleBinding metadata: name: gitlabsource-manager-rolebinding labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -190,7 +190,7 @@ kind: ClusterRoleBinding metadata: name: eventing-sources-gitlab-addressable-resolver labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" subjects: - kind: ServiceAccount name: gitlab-controller-manager @@ -207,7 +207,7 @@ kind: ClusterRoleBinding metadata: name: eventing-sources-gitlab-webhook labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" subjects: - kind: ServiceAccount name: gitlab-webhook @@ -237,7 +237,7 @@ kind: ClusterRole metadata: name: gitlab-webhook labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" rules: # Sources admin - apiGroups: @@ -387,7 +387,7 @@ kind: CustomResourceDefinition metadata: name: gitlabbindings.bindings.knative.dev labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" duck.knative.dev/binding: "true" knative.dev/crd-install: "true" spec: @@ -514,7 +514,7 @@ kind: CustomResourceDefinition metadata: name: gitlabsources.sources.knative.dev labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" eventing.knative.dev/source: "true" duck.knative.dev/source: "true" knative.dev/crd-install: "true" @@ -760,7 +760,7 @@ apiVersion: v1 kind: Service metadata: labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" control-plane: gitlab-controller-manager name: gitlab-controller-manager-service namespace: knative-sources @@ -776,7 +776,7 @@ apiVersion: apps/v1 kind: Deployment metadata: labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" control-plane: gitlab-controller-manager name: gitlab-controller-manager namespace: knative-sources @@ -804,12 +804,12 @@ spec: - name: METRICS_DOMAIN value: knative.dev/sources - name: GL_RA_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing-gitlab/cmd/receive_adapter@sha256:0a79e507c3e68c16443fbaa3806288f8358446f1a7832976948f7350df598406 + value: gcr.io/knative-releases/knative.dev/eventing-gitlab/cmd/receive_adapter@sha256:4608fc2382ba90b42674e597493dbf9e23510c2a894a7fbe107d370191714f47 - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - image: gcr.io/knative-releases/knative.dev/eventing-gitlab/cmd/controller@sha256:2708484c9b081aea5405a3627f53d4a4f883dc640cc3c03701f6da09b22da6e3 + image: gcr.io/knative-releases/knative.dev/eventing-gitlab/cmd/controller@sha256:2ff14285d09903761a481cd52df077f7f75d1689c5b8e6e11093e627a84768e5 resources: limits: cpu: 100m @@ -839,7 +839,7 @@ kind: MutatingWebhookConfiguration metadata: name: defaulting.webhook.gitlab.sources.knative.dev labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" webhooks: - admissionReviewVersions: - v1beta1 @@ -856,7 +856,7 @@ kind: ValidatingWebhookConfiguration metadata: name: validation.webhook.gitlab.sources.knative.dev labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" webhooks: - admissionReviewVersions: - v1beta1 @@ -873,7 +873,7 @@ kind: MutatingWebhookConfiguration metadata: name: gitlabbindings.webhook.gitlab.sources.knative.dev labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" webhooks: - admissionReviewVersions: - v1beta1 @@ -906,14 +906,14 @@ metadata: name: gitlab-webhook-certs namespace: knative-sources labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" # The data is populated at install time. --- apiVersion: v1 kind: Service metadata: labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" role: webhook name: gitlab-webhook namespace: knative-sources @@ -931,7 +931,7 @@ metadata: name: gitlab-webhook namespace: knative-sources labels: - contrib.eventing.knative.dev/release: "v1.8.0" + contrib.eventing.knative.dev/release: "v1.12.0" spec: replicas: 1 selector: @@ -946,7 +946,7 @@ spec: containers: - name: gitlab-webhook terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing-gitlab/cmd/webhook@sha256:0b2817249fac64ac1b7bf4443c63d7419b753eff45a866632d1903f4c3f90eff + image: gcr.io/knative-releases/knative.dev/eventing-gitlab/cmd/webhook@sha256:26500282ab11d886f118e9652839c426c803354a9e70692dff567ceff13dc1c9 env: - name: SYSTEM_NAMESPACE valueFrom: diff --git a/cmd/operator/kodata/eventing-source/1.8/kafka/eventing-kafka-controller.yaml b/cmd/operator/kodata/eventing-source/1.12/kafka/eventing-kafka-controller.yaml similarity index 69% rename from cmd/operator/kodata/eventing-source/1.8/kafka/eventing-kafka-controller.yaml rename to cmd/operator/kodata/eventing-source/1.12/kafka/eventing-kafka-controller.yaml index d36584ae9d..0eb7832b3e 100644 --- a/cmd/operator/kodata/eventing-source/1.8/kafka/eventing-kafka-controller.yaml +++ b/cmd/operator/kodata/eventing-source/1.12/kafka/eventing-kafka-controller.yaml @@ -17,7 +17,7 @@ metadata: name: kafka-broker-config namespace: knative-eventing labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" data: default.topic.partitions: "10" default.topic.replication.factor: "3" @@ -43,7 +43,7 @@ metadata: name: kafka-channel-config namespace: knative-eventing labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" data: bootstrap.servers: "my-cluster-kafka-bootstrap.kafka:9092" @@ -67,7 +67,7 @@ kind: CustomResourceDefinition metadata: name: kafkachannels.messaging.knative.dev labels: - kafka.eventing.knative.dev/release: "v20221016-e3e35c5f0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" knative.dev/crd-install: "true" messaging.knative.dev/subscribable: "true" duck.knative.dev/addressable: "true" @@ -336,7 +336,7 @@ kind: CustomResourceDefinition metadata: creationTimestamp: null labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" knative.dev/crd-install: "true" name: consumers.internal.kafka.eventing.knative.dev spec: @@ -392,7 +392,7 @@ kind: CustomResourceDefinition metadata: creationTimestamp: null labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" knative.dev/crd-install: "true" name: consumergroups.internal.kafka.eventing.knative.dev spec: @@ -463,7 +463,7 @@ metadata: labels: duck.knative.dev/addressable: "true" knative.dev/crd-install: "true" - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" spec: group: eventing.knative.dev names: @@ -546,11 +546,31 @@ spec: type: object properties: address: - description: 'Kafka Sink is Addressable. It exposes the endpoint as an URI to get events delivered to a Kafka topic.' + description: Kafka Sink is Addressable. It exposes the endpoint as an URI to get events delivered into the Kafka topic. type: object properties: + name: + type: string url: type: string + CACerts: + type: string + audience: + type: string + addresses: + description: Kafka Sink is Addressable. It exposes the endpoints as URIs to get events delivered into the Kafka topic. + type: array + items: + type: object + properties: + name: + type: string + url: + type: string + CACerts: + type: string + audience: + type: string annotations: description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' type: object @@ -627,7 +647,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: - kafka.eventing.knative.dev/release: "v20221016-e3e35c5f0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" eventing.knative.dev/source: "true" duck.knative.dev/source: "true" knative.dev/crd-install: "true" @@ -645,12 +665,364 @@ spec: storage: true schema: openAPIV3Schema: + description: KafkaSource is the Schema for the kafkasources API. type: object - # this is a work around so we don't need to flush out the - # schema for each version at this time - # - # see issue: https://github.com/knative/serving/issues/912 - x-kubernetes-preserve-unknown-fields: true + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KafkaSourceSpec defines the desired state of the KafkaSource. + type: object + required: + - bootstrapServers + - topics + properties: + bootstrapServers: + description: Bootstrap servers are the Kafka servers the consumer will connect to. + type: array + items: + type: string + ceOverrides: + description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. + type: object + properties: + extensions: + description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. + type: object + additionalProperties: + type: string + consumerGroup: + description: ConsumerGroupID is the consumer group ID. + type: string + consumers: + description: "Number of desired consumers running in the consumer group. Defaults to 1. \n This is a pointer to distinguish between explicit zero and not specified." + type: integer + format: int32 + delivery: + description: Delivery contains the delivery spec for this source + type: object + properties: + backoffDelay: + description: "BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 \n For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^." + type: string + backoffPolicy: + description: BackoffPolicy is the retry backoff policy (linear, exponential). + type: string + deadLetterSink: + description: DeadLetterSink is the sink receiving event that could not be sent to a destination. + type: object + properties: + CACerts: + description: CACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. If set, these CAs are appended to the set of CAs provided by the Addressable target, if any. + type: string + ref: + description: Ref points to an Addressable. + type: object + required: + - kind + - name + properties: + address: + description: Address points to a specific Address Name. + type: string + apiVersion: + description: API version of the referent. + type: string + group: + description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' + type: string + uri: + description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. + type: string + retry: + description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. + type: integer + format: int32 + retryAfterMax: + description: "RetryAfterMax provides an optional upper bound on the duration specified in a \"Retry-After\" header when calculating backoff times for retrying 429 and 503 response codes. Setting the value to zero (\"PT0S\") can be used to opt-out of respecting \"Retry-After\" header values altogether. This value only takes effect if \"Retry\" is configured, and also depends on specific implementations (Channels, Sources, etc.) choosing to provide this capability. \n Note: This API is EXPERIMENTAL and might be changed at anytime. While this experimental feature is in the Alpha/Beta stage, you must provide a valid value to opt-in for supporting \"Retry-After\" headers. When the feature becomes Stable/GA \"Retry-After\" headers will be respected by default, and you can choose to specify \"PT0S\" to opt-out of supporting \"Retry-After\" headers. For more details: https://github.com/knative/eventing/issues/5811 \n More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601" + type: string + timeout: + description: "Timeout is the timeout of each single request. The value must be greater than 0. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 \n Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5148" + type: string + initialOffset: + description: InitialOffset is the Initial Offset for the consumer group. should be earliest or latest + type: string + net: + type: object + properties: + sasl: + type: object + properties: + enable: + type: boolean + password: + description: Password is the Kubernetes secret containing the SASL password. + type: object + properties: + secretKeyRef: + description: The Secret key to select from. + type: object + required: + - key + properties: + key: + description: The key of the secret to select from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + x-kubernetes-map-type: atomic + type: + description: Type of saslType, defaults to plain (vs SCRAM-SHA-512 or SCRAM-SHA-256) + type: object + properties: + secretKeyRef: + description: The Secret key to select from. + type: object + required: + - key + properties: + key: + description: The key of the secret to select from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + x-kubernetes-map-type: atomic + user: + description: User is the Kubernetes secret containing the SASL username. + type: object + properties: + secretKeyRef: + description: The Secret key to select from. + type: object + required: + - key + properties: + key: + description: The key of the secret to select from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + x-kubernetes-map-type: atomic + tls: + type: object + properties: + caCert: + description: CACert is the Kubernetes secret containing the server CA cert. + type: object + properties: + secretKeyRef: + description: The Secret key to select from. + type: object + required: + - key + properties: + key: + description: The key of the secret to select from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + x-kubernetes-map-type: atomic + cert: + description: Cert is the Kubernetes secret containing the client certificate. + type: object + properties: + secretKeyRef: + description: The Secret key to select from. + type: object + required: + - key + properties: + key: + description: The key of the secret to select from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + x-kubernetes-map-type: atomic + enable: + type: boolean + key: + description: Key is the Kubernetes secret containing the client key. + type: object + properties: + secretKeyRef: + description: The Secret key to select from. + type: object + required: + - key + properties: + key: + description: The key of the secret to select from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + x-kubernetes-map-type: atomic + ordering: + description: Ordering is the type of the consumer verticle. Should be ordered or unordered. By default, it is ordered. + type: string + sink: + description: Sink is a reference to an object that will resolve to a uri to use as the sink. + type: object + properties: + CACerts: + description: CACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. If set, these CAs are appended to the set of CAs provided by the Addressable target, if any. + type: string + ref: + description: Ref points to an Addressable. + type: object + required: + - kind + - name + properties: + address: + description: Address points to a specific Address Name. + type: string + apiVersion: + description: API version of the referent. + type: string + group: + description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' + type: string + uri: + description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. + type: string + topics: + description: Topic topics to consume messages from + type: array + items: + type: string + status: + description: KafkaSourceStatus defines the observed state of KafkaSource. + type: object + properties: + annotations: + description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. + type: object + additionalProperties: + type: string + ceAttributes: + description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. + type: array + items: + description: CloudEventAttributes specifies the attributes that a Source uses as part of its CloudEvents. + type: object + properties: + source: + description: Source is the CloudEvents source attribute. + type: string + type: + description: Type refers to the CloudEvent type attribute. + type: string + claims: + description: Claims consumed by this KafkaSource instance + type: string + conditions: + description: Conditions the latest available observations of a resource's current state. + type: array + items: + description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). + type: string + message: + description: A human readable message indicating details about the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + severity: + description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition. + type: string + consumers: + description: Total number of consumers actually running in the consumer group. + type: integer + format: int32 + maxAllowedVReplicas: + type: integer + format: int32 + observedGeneration: + description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. + type: integer + format: int64 + placements: + type: array + items: + type: object + properties: + podName: + description: PodName is the name of the pod where the resource is placed + type: string + vreplicas: + description: VReplicas is the number of virtual replicas assigned to in the pod + type: integer + format: int32 + selector: + description: Use for labelSelectorPath when scaling Kafka source + type: string + sinkCACerts: + description: SinkCACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string + sinkUri: + description: SinkURI is the current active sink URI that has been configured for the Source. + type: string subresources: status: {} scale: @@ -693,8 +1065,6 @@ spec: service: name: kafka-source-webhook namespace: knative-eventing ---- - --- # Copyright 2019 The Knative Authors @@ -717,7 +1087,7 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: eventing-kafka-source-observer labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" duck.knative.dev/source: "true" rules: - apiGroups: @@ -750,7 +1120,7 @@ metadata: name: config-kafka-source-defaults namespace: knative-eventing labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" annotations: knative.dev/example-checksum: "b6ed351d" data: @@ -789,6 +1159,37 @@ data: # kafkaLagThreshold is the lag (ie. number of messages in a partition) threshold for KEDA to scale up sources. # kafkaLagThreshold: "10" +--- +# Copyright 2022 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-kafka-autoscaler + namespace: knative-eventing + labels: + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" +data: + class: "keda.autoscaling.knative.dev" + min-scale: "0" + max-scale: "50" + polling-interval: "10" + cooldown-period: "300" + lag-threshold: "100" + activation-lag-threshold: "1" + --- # Copyright 2021 The Knative Authors # @@ -810,7 +1211,7 @@ metadata: name: config-kafka-descheduler namespace: knative-eventing labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" data: predicates: | [] @@ -833,7 +1234,7 @@ metadata: name: config-kafka-features namespace: knative-eventing annotations: - knative.dev/example-checksum: "76de22c2" + knative.dev/example-checksum: "1192895d" data: _example: |- ################################ @@ -861,17 +1262,29 @@ data: # Controls whether the controller should autoscale consumer resources with KEDA # 1. Enabled: KEDA autoscaling of consumers will be setup. # 2. Disabled: KEDA autoscaling of consumers will not be setup. - controller.autoscale: "disabled" + controller.autoscaler: "disabled" + # The Go text/template used to generate consumergroup ID for triggers. + # The template can reference the trigger Kubernetes metadata only. + triggers.consumergroup.template: "knative-trigger-{{ .Namespace }}-{{ .Name }}" + # The Go text/template used to generate topics for Brokers. + # The template can reference the broker Kubernetes metadata only. + brokers.topic.template: "knative-broker-{{ .Namespace }}-{{ .Name }}" + # The Go text/template used to generate topics for Channels. + # The template can reference the channel Kubernetes metadata only. + channels.topic.template: "knative-channel-{{ .Namespace }}-{{ .Name }}" dispatcher.rate-limiter: "disabled" dispatcher.ordered-executor-metrics: "disabled" controller.autoscaler: "disabled" + triggers.consumergroup.template: "knative-trigger-{{ .Namespace }}-{{ .Name }}" + brokers.topic.template: "knative-broker-{{ .Namespace }}-{{ .Name }}" + channels.topic.template: "knative-messaging-kafka.{{ .Namespace }}.{{ .Name }}" --- apiVersion: v1 kind: ConfigMap metadata: labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" name: config-kafka-leader-election namespace: knative-eventing annotations: @@ -938,7 +1351,7 @@ metadata: name: config-kafka-scheduler namespace: knative-eventing labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" data: predicates: | [ @@ -978,7 +1391,7 @@ metadata: name: kafka-config-logging namespace: knative-eventing labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" data: config.xml: | @@ -990,6 +1403,30 @@ data: +--- +# Copyright 2022 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-namespaced-broker-resources + namespace: knative-eventing +data: + resources: | + [ + ] + --- # Copyright 2019 The Knative Authors # @@ -1011,7 +1448,7 @@ metadata: name: config-tracing namespace: knative-eventing labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" knative.dev/config-propagation: original knative.dev/config-category: eventing annotations: @@ -1071,7 +1508,7 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: knative-kafka-addressable-resolver labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" duck.knative.dev/addressable: "true" # Do not use this role directly. These rules will be added to the "addressable-resolver" role. rules: @@ -1114,7 +1551,7 @@ kind: ClusterRole metadata: name: knative-kafka-channelable-manipulator labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" duck.knative.dev/channelable: "true" # Do not use this role directly. These rules will be added to the "channelable-manipulator" role. rules: @@ -1151,16 +1588,24 @@ kind: ClusterRole metadata: name: kafka-controller labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" rules: - apiGroups: - - "*" + - "" + resources: + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - "" resources: - configmaps verbs: - delete - apiGroups: - - "*" + - "" resources: - configmaps - services @@ -1172,7 +1617,7 @@ rules: - create - delete - apiGroups: - - "*" + - "" resources: - pods verbs: @@ -1181,7 +1626,7 @@ rules: - get - watch - apiGroups: - - "*" + - "" resources: - pods/finalizers verbs: @@ -1191,7 +1636,7 @@ rules: - update - delete - apiGroups: - - "*" + - "" resources: - events verbs: @@ -1210,7 +1655,7 @@ rules: - patch - watch - apiGroups: - - "*" + - "" resources: - secrets verbs: @@ -1241,7 +1686,7 @@ rules: - list - watch - apiGroups: - - "*" + - "" resources: - serviceaccounts verbs: @@ -1264,7 +1709,7 @@ rules: - delete # Scheduler permissions - apiGroups: - - "*" + - "" resources: - nodes verbs: @@ -1412,7 +1857,7 @@ metadata: name: kafka-controller namespace: knative-eventing labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" --- # Copyright 2020 The Knative Authors @@ -1433,7 +1878,7 @@ kind: ClusterRoleBinding metadata: name: kafka-controller labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" subjects: - kind: ServiceAccount name: kafka-controller @@ -1448,7 +1893,7 @@ kind: ClusterRoleBinding metadata: name: kafka-controller-addressable-resolver labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" subjects: - kind: ServiceAccount name: kafka-controller @@ -1479,7 +1924,9 @@ metadata: namespace: knative-eventing labels: app: kafka-controller - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" + app.kubernetes.io/component: kafka-controller + app.kubernetes.io/name: knative-eventing spec: selector: matchLabels: @@ -1489,7 +1936,9 @@ spec: name: kafka-controller labels: app: kafka-controller - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" + app.kubernetes.io/component: kafka-controller + app.kubernetes.io/name: knative-eventing spec: securityContext: runAsNonRoot: true @@ -1513,7 +1962,7 @@ spec: weight: 100 containers: - name: controller - image: gcr.io/knative-releases/knative.dev/eventing-kafka-broker/control-plane/cmd/kafka-controller@sha256:d58ff9abd8ebbf5118c1f68b32f8cb39623e7c608c6fb2966f279891d27867ce + image: gcr.io/knative-releases/knative.dev/eventing-kafka-broker/control-plane/cmd/kafka-controller@sha256:cd5844a467d23b59836adeb643e903cecf84230f5d8ae57e68f687330a71f49d imagePullPolicy: IfNotPresent env: - name: BROKER_DATA_PLANE_CONFIG_MAP_NAMESPACE @@ -1522,8 +1971,6 @@ spec: value: knative-eventing - name: SINK_DATA_PLANE_CONFIG_MAP_NAMESPACE value: knative-eventing - - name: SOURCE_DATA_PLANE_CONFIG_MAP_NAMESPACE - value: knative-eventing - name: BROKER_CONTRACT_CONFIG_MAP_NAME value: kafka-broker-brokers-triggers - name: CHANNEL_CONTRACT_CONFIG_MAP_NAME @@ -1532,20 +1979,16 @@ spec: value: kafka-sink-sinks - name: BROKER_DATA_PLANE_CONFIG_CONFIG_MAP_NAME value: config-kafka-broker-data-plane - - name: SOURCE_DATA_PLANE_CONFIG_CONFIG_MAP_NAME - value: config-kafka-source-data-plane - name: SINK_DATA_PLANE_CONFIG_CONFIG_MAP_NAME - value: config-kafka-source-data-plane + value: config-kafka-sink-data-plane - name: CHANNEL_DATA_PLANE_CONFIG_CONFIG_MAP_NAME - value: config-kafka-source-data-plane + value: config-kafka-channel-data-plane - name: BROKER_CONTRACT_CONFIG_MAP_FORMAT value: json - name: CHANNEL_CONTRACT_CONFIG_MAP_FORMAT value: json - name: SINK_CONTRACT_CONFIG_MAP_FORMAT value: json - - name: SOURCE_CONTRACT_CONFIG_MAP_FORMAT - value: json - name: CONSUMER_CONTRACT_CONFIG_MAP_FORMAT value: json - name: BROKER_INGRESS_NAME @@ -1554,22 +1997,24 @@ spec: value: kafka-channel-ingress - name: SINK_INGRESS_NAME value: kafka-sink-ingress - - name: SOURCE_INGRESS_NAME - value: kafka-source-ingress - name: BROKER_GENERAL_CONFIG_MAP_NAME value: kafka-broker-config - name: CHANNEL_GENERAL_CONFIG_MAP_NAME value: kafka-channel-config - name: SINK_GENERAL_CONFIG_MAP_NAME value: kafka-broker-config - - name: SOURCE_GENERAL_CONFIG_MAP_NAME - value: kafka-broker-config - name: BROKER_INGRESS_POD_PORT value: "8080" - name: CHANNEL_INGRESS_POD_PORT value: "8080" - name: SINK_INGRESS_POD_PORT value: "8080" + - name: BROKER_INGRESS_POD_TLS_PORT + value: "8443" + - name: CHANNEL_INGRESS_POD_TLS_PORT + value: "8443" + - name: SINK_INGRESS_POD_TLS_PORT + value: "8443" - name: BROKER_SYSTEM_NAMESPACE valueFrom: fieldRef: @@ -1582,10 +2027,6 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - - name: SOURCE_SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - name: BROKER_DEFAULT_BACKOFF_DELAY_MS value: "1000" # 1 second - name: CHANNEL_DEFAULT_BACKOFF_DELAY_MS @@ -1604,6 +2045,8 @@ spec: value: 'config-kafka-scheduler' - name: DESCHEDULER_CONFIG value: 'config-kafka-descheduler' + - name: AUTOSCALER_CONFIG + value: 'config-kafka-autoscaler' - name: CONFIG_LEADERELECTION_NAME value: config-kafka-leader-election - name: CONFIG_LOGGING_NAME @@ -1654,7 +2097,7 @@ kind: ClusterRole metadata: name: kafka-webhook-eventing labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" rules: # For watching logging configuration and getting certs. - apiGroups: @@ -1756,7 +2199,7 @@ metadata: name: kafka-webhook-eventing namespace: knative-eventing labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" --- # Copyright 2020 The Knative Authors @@ -1777,7 +2220,7 @@ kind: ClusterRoleBinding metadata: name: kafka-webhook-eventing labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" subjects: - kind: ServiceAccount name: kafka-webhook-eventing @@ -1807,7 +2250,7 @@ kind: MutatingWebhookConfiguration metadata: name: defaulting.webhook.kafka.eventing.knative.dev labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" webhooks: - admissionReviewVersions: ["v1", "v1beta1"] clientConfig: @@ -1839,7 +2282,7 @@ kind: MutatingWebhookConfiguration metadata: name: pods.defaulting.webhook.kafka.eventing.knative.dev labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" webhooks: # Dispatcher pods webhook config. - admissionReviewVersions: ["v1", "v1beta1"] @@ -1855,10 +2298,10 @@ webhooks: matchPolicy: Equivalent namespaceSelector: matchLabels: - app.kubernetes.io/name: knative-eventing + kubernetes.io/metadata.name: knative-eventing objectSelector: matchLabels: - app.kubernetes.io/component: kafka-dispatcher + app.kubernetes.io/kind: kafka-dispatcher --- # Copyright 2020 The Knative Authors @@ -1881,7 +2324,7 @@ metadata: name: kafka-webhook-eventing-certs namespace: knative-eventing labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" # The data is populated at install time. --- @@ -1904,7 +2347,7 @@ kind: ValidatingWebhookConfiguration metadata: name: validation.webhook.kafka.eventing.knative.dev labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" webhooks: - admissionReviewVersions: ["v1", "v1beta1"] clientConfig: @@ -1938,7 +2381,9 @@ metadata: namespace: knative-eventing labels: app: kafka-webhook-eventing - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" + app.kubernetes.io/component: kafka-webhook-eventing + app.kubernetes.io/name: knative-eventing spec: selector: matchLabels: @@ -1947,7 +2392,9 @@ spec: metadata: labels: app: kafka-webhook-eventing - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" + app.kubernetes.io/component: kafka-webhook-eventing + app.kubernetes.io/name: knative-eventing spec: # To avoid node becoming SPOF, spread our replicas to different nodes. affinity: @@ -1965,7 +2412,7 @@ spec: containers: - name: kafka-webhook-eventing terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing-kafka-broker/control-plane/cmd/webhook-kafka@sha256:c3c5af42870f18f39486b3d5275248206f3c425fb48c038ca405d0b990bbc957 + image: gcr.io/knative-releases/knative.dev/eventing-kafka-broker/control-plane/cmd/webhook-kafka@sha256:ab324036388c8d073318639af0427420de93d0faa5c05732c5cc1e45bbb732f8 resources: requests: cpu: 20m @@ -2029,7 +2476,9 @@ metadata: namespace: knative-eventing labels: app: kafka-webhook-eventing - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" + app.kubernetes.io/component: kafka-webhook-eventing + app.kubernetes.io/name: knative-eventing spec: ports: - name: https-webhook diff --git a/cmd/operator/kodata/eventing-source/1.8/kafka/eventing-kafka-post-install.yaml b/cmd/operator/kodata/eventing-source/1.12/kafka/eventing-kafka-post-install.yaml similarity index 63% rename from cmd/operator/kodata/eventing-source/1.8/kafka/eventing-kafka-post-install.yaml rename to cmd/operator/kodata/eventing-source/1.12/kafka/eventing-kafka-post-install.yaml index 012a40185f..948bf675d9 100644 --- a/cmd/operator/kodata/eventing-source/1.8/kafka/eventing-kafka-post-install.yaml +++ b/cmd/operator/kodata/eventing-source/1.12/kafka/eventing-kafka-post-install.yaml @@ -16,183 +16,8 @@ kind: ClusterRole metadata: name: knative-kafka-controller-post-install labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" -rules: - - apiGroups: - - apps - resources: - - deployments - verbs: - - delete - - deletecollection - - apiGroups: - - "apps" - resources: - - statefulsets - verbs: - - get - - list - # sources.knative.dev resources and finalizers we care about. - - apiGroups: - - sources.knative.dev - resources: - - kafkasources - - kafkasources/status - verbs: - - get - - list - - apiGroups: - - admissionregistration.k8s.io - resources: - - mutatingwebhookconfigurations - resourceNames: - - defaulting.webhook.kafka.sources.knative.dev - - defaulting.webhook.kafka.messaging.knative.dev - verbs: - - delete - - apiGroups: - - admissionregistration.k8s.io - resources: - - validatingwebhookconfigurations - resourceNames: - - validation.webhook.kafka.sources.knative.dev - - config.webhook.kafka.sources.knative.dev - - validation.webhook.kafka.messaging.knative.dev - verbs: - - delete - - apiGroups: - - "*" - resources: - - services - resourceNames: - - kafka-source-webhook - - kafka-controller - - kafka-webhook - - kafka-ch-dispatcher - verbs: - - delete - # to be able to list channel services and patch them - - apiGroups: - - "*" - resources: - - services - verbs: - - list - - patch - - apiGroups: - - apps - resources: - - deployments - resourceNames: - - kafka-controller-manager - - kafka-webhook - - kafka-ch-controller - - kafka-ch-dispatcher - - kafka-source-dispatcher - verbs: - - delete - # to be able to check readiness of the new dataplane - - apiGroups: - - apps - resources: - - deployments - resourceNames: - - kafka-channel-dispatcher - - kafka-channel-receiver - - kafka-controller - verbs: - - get - - apiGroups: - - rbac.authorization.k8s.io - resources: - - clusterrolebindings - resourceNames: - - eventing-sources-kafka-controller - - eventing-sources-kafka-controller-addressable-resolver - - kafka-webhook - - kafka-ch-controller - - kafka-ch-dispatcher - - eventing-sources-kafka-controller-podspecable-binding - verbs: - - delete - - apiGroups: - - rbac.authorization.k8s.io - resources: - - clusterroles - resourceNames: - - eventing-sources-kafka-controller - - kafka-webhook - - kafka-ch-controller - - kafka-addressable-resolver - - kafka-channelable-manipulator - - kafka-ch-dispatcher - verbs: - - delete - - apiGroups: - - "*" - resources: - - serviceaccounts - resourceNames: - - kafka-controller-manager - - kafka-webhook - - kafka-ch-controller - - kafka-ch-dispatcher - verbs: - - delete - - apiGroups: - - "*" - resources: - - secrets - resourceNames: - - kafka-source-webhook-certs - - messaging-webhook-certs - verbs: - - delete - - apiGroups: - - "*" - resources: - - horizontalpodautoscalers - resourceNames: - - kafka-webhook - verbs: - - delete - - apiGroups: - - "*" - resources: - - poddisruptionbudgets - resourceNames: - - kafka-webhook - verbs: - - delete - - apiGroups: - - "*" - resources: - - leases - resourceNames: - - kafkachannel-dispatcher.knative.dev.eventing-kafka.pkg.channel.consolidated.reconciler.dispatcher.reconciler.00-of-01 - verbs: - - delete - # to be able to read the old configmap and migrate - # and then delete them - - apiGroups: - - "*" - resources: - - configmaps - resourceNames: - - config-leader-election-kafkachannel - - config-kafka - verbs: - - get - - delete - # to be able update config in the new configmap - - apiGroups: - - "*" - resources: - - configmaps - resourceNames: - - kafka-channel-config - verbs: - - patch + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" +rules: [] --- # Copyright 2022 The Knative Authors @@ -214,7 +39,7 @@ metadata: name: knative-kafka-controller-post-install namespace: knative-eventing labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" --- # Copyright 2020 The Knative Authors @@ -236,7 +61,7 @@ kind: ClusterRole metadata: name: knative-kafka-storage-version-migrator labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" rules: # Storage version upgrader needs to be able to patch CRDs. - apiGroups: @@ -319,14 +144,14 @@ metadata: name: knative-kafka-storage-version-migrator namespace: knative-eventing labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: knative-kafka-storage-version-migrator labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" subjects: - kind: ServiceAccount name: knative-kafka-storage-version-migrator @@ -355,7 +180,7 @@ kind: ClusterRoleBinding metadata: name: knative-kafka-controller-post-install labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" subjects: - kind: ServiceAccount name: knative-kafka-controller-post-install @@ -387,7 +212,7 @@ metadata: namespace: knative-eventing labels: app: kafka-controller-post-install - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" spec: ttlSecondsAfterFinished: 600 backoffLimit: 10 @@ -395,7 +220,7 @@ spec: metadata: labels: app: kafka-controller-post-install - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" annotations: sidecar.istio.io/inject: "false" spec: @@ -403,7 +228,7 @@ spec: restartPolicy: OnFailure containers: - name: post-install - image: gcr.io/knative-releases/knative.dev/eventing-kafka-broker/control-plane/cmd/post-install@sha256:6a7d82e5bb9ee3e8d8bfeea4eb5564f076e6ce35c712f50eadaa3e0a4393b7a6 + image: gcr.io/knative-releases/knative.dev/eventing-kafka-broker/control-plane/cmd/post-install@sha256:4f7d23f07b8646a5519203d69930f2b9ece3232d65f1da12246a6d8373420537 env: - name: SYSTEM_NAMESPACE valueFrom: @@ -443,7 +268,7 @@ metadata: namespace: knative-eventing labels: app: "knative-kafka-storage-version-migrator" - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" spec: ttlSecondsAfterFinished: 600 backoffLimit: 10 @@ -451,7 +276,7 @@ spec: metadata: labels: app: "knative-kafka-storage-version-migrator" - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" annotations: sidecar.istio.io/inject: "false" spec: @@ -459,7 +284,7 @@ spec: restartPolicy: OnFailure containers: - name: migrate - image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:580d17a61de17cae5debb9979f4dc4da3da323b848afe0542a01c2bbf8376c38 + image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:a99af588fc93db9b8682f21a27bfe14b8a539567993d0e624218962da358f972 env: - name: IGNORE_NOT_FOUND value: "true" @@ -496,183 +321,8 @@ kind: ClusterRole metadata: name: knative-kafka-controller-post-install labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" -rules: - - apiGroups: - - apps - resources: - - deployments - verbs: - - delete - - deletecollection - - apiGroups: - - "apps" - resources: - - statefulsets - verbs: - - get - - list - # sources.knative.dev resources and finalizers we care about. - - apiGroups: - - sources.knative.dev - resources: - - kafkasources - - kafkasources/status - verbs: - - get - - list - - apiGroups: - - admissionregistration.k8s.io - resources: - - mutatingwebhookconfigurations - resourceNames: - - defaulting.webhook.kafka.sources.knative.dev - - defaulting.webhook.kafka.messaging.knative.dev - verbs: - - delete - - apiGroups: - - admissionregistration.k8s.io - resources: - - validatingwebhookconfigurations - resourceNames: - - validation.webhook.kafka.sources.knative.dev - - config.webhook.kafka.sources.knative.dev - - validation.webhook.kafka.messaging.knative.dev - verbs: - - delete - - apiGroups: - - "*" - resources: - - services - resourceNames: - - kafka-source-webhook - - kafka-controller - - kafka-webhook - - kafka-ch-dispatcher - verbs: - - delete - # to be able to list channel services and patch them - - apiGroups: - - "*" - resources: - - services - verbs: - - list - - patch - - apiGroups: - - apps - resources: - - deployments - resourceNames: - - kafka-controller-manager - - kafka-webhook - - kafka-ch-controller - - kafka-ch-dispatcher - - kafka-source-dispatcher - verbs: - - delete - # to be able to check readiness of the new dataplane - - apiGroups: - - apps - resources: - - deployments - resourceNames: - - kafka-channel-dispatcher - - kafka-channel-receiver - - kafka-controller - verbs: - - get - - apiGroups: - - rbac.authorization.k8s.io - resources: - - clusterrolebindings - resourceNames: - - eventing-sources-kafka-controller - - eventing-sources-kafka-controller-addressable-resolver - - kafka-webhook - - kafka-ch-controller - - kafka-ch-dispatcher - - eventing-sources-kafka-controller-podspecable-binding - verbs: - - delete - - apiGroups: - - rbac.authorization.k8s.io - resources: - - clusterroles - resourceNames: - - eventing-sources-kafka-controller - - kafka-webhook - - kafka-ch-controller - - kafka-addressable-resolver - - kafka-channelable-manipulator - - kafka-ch-dispatcher - verbs: - - delete - - apiGroups: - - "*" - resources: - - serviceaccounts - resourceNames: - - kafka-controller-manager - - kafka-webhook - - kafka-ch-controller - - kafka-ch-dispatcher - verbs: - - delete - - apiGroups: - - "*" - resources: - - secrets - resourceNames: - - kafka-source-webhook-certs - - messaging-webhook-certs - verbs: - - delete - - apiGroups: - - "*" - resources: - - horizontalpodautoscalers - resourceNames: - - kafka-webhook - verbs: - - delete - - apiGroups: - - "*" - resources: - - poddisruptionbudgets - resourceNames: - - kafka-webhook - verbs: - - delete - - apiGroups: - - "*" - resources: - - leases - resourceNames: - - kafkachannel-dispatcher.knative.dev.eventing-kafka.pkg.channel.consolidated.reconciler.dispatcher.reconciler.00-of-01 - verbs: - - delete - # to be able to read the old configmap and migrate - # and then delete them - - apiGroups: - - "*" - resources: - - configmaps - resourceNames: - - config-leader-election-kafkachannel - - config-kafka - verbs: - - get - - delete - # to be able update config in the new configmap - - apiGroups: - - "*" - resources: - - configmaps - resourceNames: - - kafka-channel-config - verbs: - - patch + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" +rules: [] --- # Copyright 2022 The Knative Authors @@ -694,7 +344,7 @@ metadata: name: knative-kafka-controller-post-install namespace: knative-eventing labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" --- # Copyright 2020 The Knative Authors @@ -716,7 +366,7 @@ kind: ClusterRole metadata: name: knative-kafka-storage-version-migrator labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" rules: # Storage version upgrader needs to be able to patch CRDs. - apiGroups: @@ -799,14 +449,14 @@ metadata: name: knative-kafka-storage-version-migrator namespace: knative-eventing labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: knative-kafka-storage-version-migrator labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" subjects: - kind: ServiceAccount name: knative-kafka-storage-version-migrator @@ -835,7 +485,7 @@ kind: ClusterRoleBinding metadata: name: knative-kafka-controller-post-install labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" subjects: - kind: ServiceAccount name: knative-kafka-controller-post-install @@ -867,7 +517,7 @@ metadata: namespace: knative-eventing labels: app: kafka-controller-post-install - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" spec: ttlSecondsAfterFinished: 600 backoffLimit: 10 @@ -875,7 +525,7 @@ spec: metadata: labels: app: kafka-controller-post-install - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" annotations: sidecar.istio.io/inject: "false" spec: @@ -883,7 +533,7 @@ spec: restartPolicy: OnFailure containers: - name: post-install - image: gcr.io/knative-releases/knative.dev/eventing-kafka-broker/control-plane/cmd/post-install@sha256:6a7d82e5bb9ee3e8d8bfeea4eb5564f076e6ce35c712f50eadaa3e0a4393b7a6 + image: gcr.io/knative-releases/knative.dev/eventing-kafka-broker/control-plane/cmd/post-install@sha256:4f7d23f07b8646a5519203d69930f2b9ece3232d65f1da12246a6d8373420537 env: - name: SYSTEM_NAMESPACE valueFrom: @@ -923,7 +573,7 @@ metadata: namespace: knative-eventing labels: app: "knative-kafka-storage-version-migrator" - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" spec: ttlSecondsAfterFinished: 600 backoffLimit: 10 @@ -931,7 +581,7 @@ spec: metadata: labels: app: "knative-kafka-storage-version-migrator" - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" annotations: sidecar.istio.io/inject: "false" spec: @@ -939,7 +589,7 @@ spec: restartPolicy: OnFailure containers: - name: migrate - image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:580d17a61de17cae5debb9979f4dc4da3da323b848afe0542a01c2bbf8376c38 + image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:a99af588fc93db9b8682f21a27bfe14b8a539567993d0e624218962da358f972 env: - name: IGNORE_NOT_FOUND value: "true" diff --git a/cmd/operator/kodata/eventing-source/1.8/kafka/eventing-kafka-source.yaml b/cmd/operator/kodata/eventing-source/1.12/kafka/eventing-kafka-source.yaml similarity index 95% rename from cmd/operator/kodata/eventing-source/1.8/kafka/eventing-kafka-source.yaml rename to cmd/operator/kodata/eventing-source/1.12/kafka/eventing-kafka-source.yaml index ef22d7478f..a49505fc25 100644 --- a/cmd/operator/kodata/eventing-source/1.8/kafka/eventing-kafka-source.yaml +++ b/cmd/operator/kodata/eventing-source/1.12/kafka/eventing-kafka-source.yaml @@ -17,7 +17,7 @@ metadata: name: config-kafka-source-data-plane namespace: knative-eventing labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" annotations: knative.dev/example-checksum: "8157ecb1" data: @@ -178,10 +178,10 @@ kind: ClusterRole metadata: name: knative-kafka-source-data-plane labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" rules: - apiGroups: - - "*" + - "" resources: - secrets verbs: @@ -209,7 +209,7 @@ metadata: name: knative-kafka-source-data-plane namespace: knative-eventing labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" --- # Copyright 2021 The Knative Authors @@ -230,7 +230,7 @@ kind: ClusterRoleBinding metadata: name: knative-kafka-source-data-plane labels: - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" subjects: - kind: ServiceAccount name: knative-kafka-source-data-plane @@ -261,7 +261,9 @@ metadata: namespace: knative-eventing labels: app: kafka-source-dispatcher - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" + app.kubernetes.io/component: kafka-source-dispatcher + app.kubernetes.io/name: knative-eventing spec: serviceName: kafka-source-dispatcher podManagementPolicy: "Parallel" @@ -273,8 +275,10 @@ spec: name: kafka-source-dispatcher labels: app: kafka-source-dispatcher - app.kubernetes.io/component: kafka-dispatcher - kafka.eventing.knative.dev/release: "f4b0fce3181870b96980b0f6b4d36899a9fc7ab0" + app.kubernetes.io/version: "64635c2cbff2fe10390b3e37392af59bf6ccc8f0" + app.kubernetes.io/component: kafka-channel-dispatcher + app.kubernetes.io/name: knative-eventing + app.kubernetes.io/kind: kafka-dispatcher spec: # To avoid node becoming SPOF, spread our replicas to different nodes and zones. topologySpreadConstraints: @@ -298,7 +302,7 @@ spec: runAsNonRoot: true containers: - name: kafka-source-dispatcher - image: gcr.io/knative-releases/knative-kafka-broker-dispatcher:v1.8.10 + image: gcr.io/knative-releases/knative-kafka-broker-dispatcher:v1.12.0 imagePullPolicy: IfNotPresent volumeMounts: - mountPath: /etc/config diff --git a/cmd/operator/kodata/eventing-source/1.8/rabbitmq/rabbitmq-source.yaml b/cmd/operator/kodata/eventing-source/1.12/rabbitmq/rabbitmq-source.yaml similarity index 96% rename from cmd/operator/kodata/eventing-source/1.8/rabbitmq/rabbitmq-source.yaml rename to cmd/operator/kodata/eventing-source/1.12/rabbitmq/rabbitmq-source.yaml index 95f21775d6..1b47947923 100644 --- a/cmd/operator/kodata/eventing-source/1.8/rabbitmq/rabbitmq-source.yaml +++ b/cmd/operator/kodata/eventing-source/1.12/rabbitmq/rabbitmq-source.yaml @@ -17,7 +17,7 @@ kind: Namespace metadata: name: knative-sources labels: - rabbitmq.eventing.knative.dev/release: "v1.8.4" + rabbitmq.eventing.knative.dev/release: "v1.12.0" --- # Copyright 2020 The Knative Authors @@ -40,7 +40,7 @@ metadata: name: rabbitmq-controller-manager namespace: knative-sources labels: - rabbitmq.eventing.knative.dev/release: "v1.8.4" + rabbitmq.eventing.knative.dev/release: "v1.12.0" secrets: - name: rabbitmq-source-key --- @@ -73,7 +73,7 @@ kind: ClusterRole metadata: name: rabbitmq-webhook labels: - rabbitmq.eventing.knative.dev/release: "v1.8.4" + rabbitmq.eventing.knative.dev/release: "v1.12.0" rules: # For watching logging configuration and getting certs. - apiGroups: @@ -157,7 +157,7 @@ kind: ClusterRole metadata: name: eventing-sources-rabbitmq-controller labels: - rabbitmq.eventing.knative.dev/release: "v1.8.4" + rabbitmq.eventing.knative.dev/release: "v1.12.0" rules: - apiGroups: - sources.knative.dev @@ -270,14 +270,14 @@ metadata: name: rabbitmq-webhook namespace: knative-sources labels: - rabbitmq.eventing.knative.dev/release: "v1.8.4" + rabbitmq.eventing.knative.dev/release: "v1.12.0" --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: rabbitmq-webhook labels: - rabbitmq.eventing.knative.dev/release: "v1.8.4" + rabbitmq.eventing.knative.dev/release: "v1.12.0" subjects: - kind: ServiceAccount name: rabbitmq-webhook @@ -307,7 +307,7 @@ kind: ClusterRoleBinding metadata: name: eventing-sources-rabbitmq-controller labels: - rabbitmq.eventing.knative.dev/release: "v1.8.4" + rabbitmq.eventing.knative.dev/release: "v1.12.0" subjects: - kind: ServiceAccount name: rabbitmq-controller-manager @@ -322,7 +322,7 @@ kind: ClusterRoleBinding metadata: name: eventing-sources-rabbitmq-controller-addressable-resolver labels: - rabbitmq.eventing.knative.dev/release: "v1.8.4" + rabbitmq.eventing.knative.dev/release: "v1.12.0" subjects: - kind: ServiceAccount name: rabbitmq-controller-manager @@ -552,7 +552,7 @@ metadata: name: rabbitmq-controller namespace: knative-sources labels: - rabbitmq.eventing.knative.dev/release: "v1.8.4" + rabbitmq.eventing.knative.dev/release: "v1.12.0" control-plane: rabbitmq-controller-manager spec: selector: @@ -577,13 +577,20 @@ spec: # limitations under the License. apiVersion: v1 -kind: Secret +kind: Service metadata: - name: rabbitmq-webhook-certs - namespace: knative-sources labels: - rabbitmq.eventing.knative.dev/release: "v1.8.4" -# The data is populated at install time. + rabbitmq.eventing.knative.dev/release: "v1.12.0" + role: rabbitmq-source-webhook + name: rabbitmq-source-webhook + namespace: knative-sources +spec: + ports: + - name: https-webhook + port: 443 + targetPort: 8443 + selector: + role: rabbitmq-source-webhook --- # Copyright 2020 The Knative Authors @@ -606,7 +613,7 @@ metadata: name: rabbitmq-controller-manager namespace: knative-sources labels: - rabbitmq.eventing.knative.dev/release: "v1.8.4" + rabbitmq.eventing.knative.dev/release: "v1.12.0" control-plane: rabbitmq-controller-manager spec: replicas: 1 @@ -620,7 +627,7 @@ spec: serviceAccountName: rabbitmq-controller-manager containers: - name: manager - image: gcr.io/knative-releases/knative.dev/eventing-rabbitmq/cmd/controller/source@sha256:5235e952bfca27a95efb2a9ea5c4714404eee894eab8592d19e6b144179cb92d + image: gcr.io/knative-releases/knative.dev/eventing-rabbitmq/cmd/controller/source@sha256:2e2bf7f97867687aa149c77c87982a1c1cac405885717575d997d5c51e93777c imagePullPolicy: IfNotPresent env: - name: SYSTEM_NAMESPACE @@ -632,7 +639,7 @@ spec: - name: CONFIG_OBSERVABILITY_NAME value: config-observability - name: RABBITMQ_RA_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing-rabbitmq/cmd/receive_adapter@sha256:52526b577f2515efad301a7116cb899be03b7714d60e00e187f4d12e2d3deb2c + value: gcr.io/knative-releases/knative.dev/eventing-rabbitmq/cmd/receive_adapter@sha256:9bdee9bedafadbf392b7796c706440c2575b7d054d05ee76fb6bb7f69ff8d283 securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true @@ -668,7 +675,7 @@ kind: ValidatingWebhookConfiguration metadata: name: config.webhook.rabbitmq.sources.knative.dev labels: - rabbitmq.eventing.knative.dev/release: "v1.8.4" + rabbitmq.eventing.knative.dev/release: "v1.12.0" webhooks: - admissionReviewVersions: ["v1", "v1beta1"] clientConfig: @@ -704,7 +711,7 @@ kind: MutatingWebhookConfiguration metadata: name: webhook.rabbitmq.sources.knative.dev labels: - rabbitmq.eventing.knative.dev/release: "v1.8.4" + rabbitmq.eventing.knative.dev/release: "v1.12.0" webhooks: - admissionReviewVersions: ["v1", "v1beta1"] clientConfig: @@ -736,7 +743,7 @@ kind: ValidatingWebhookConfiguration metadata: name: validation.webhook.rabbitmq.sources.knative.dev labels: - rabbitmq.eventing.knative.dev/release: "v1.8.4" + rabbitmq.eventing.knative.dev/release: "v1.12.0" webhooks: - admissionReviewVersions: ["v1", "v1beta1"] clientConfig: @@ -769,7 +776,7 @@ metadata: name: rabbitmq-webhook-certs namespace: knative-sources labels: - rabbitmq.eventing.knative.dev/release: "v1.8.4" + rabbitmq.eventing.knative.dev/release: "v1.12.0" # The data is populated at install time. --- @@ -792,7 +799,7 @@ kind: MutatingWebhookConfiguration metadata: name: sinkbindings.webhook.sources.knative.dev labels: - rabbitmq.eventing.knative.dev/release: "v1.8.4" + rabbitmq.eventing.knative.dev/release: "v1.12.0" webhooks: - admissionReviewVersions: ["v1", "v1beta1"] clientConfig: @@ -825,7 +832,7 @@ metadata: name: rabbitmq-webhook namespace: knative-sources labels: - rabbitmq.eventing.knative.dev/release: "v1.8.4" + rabbitmq.eventing.knative.dev/release: "v1.12.0" spec: replicas: 1 selector: @@ -853,7 +860,7 @@ spec: terminationMessagePolicy: FallbackToLogsOnError # This is the Go import path for the binary that is containerized # and substituted here. - image: gcr.io/knative-releases/knative.dev/eventing-rabbitmq/cmd/webhook/source@sha256:456076ffaeeec8ce7f438be890e54fb73dc81cc60d0697d34d10517a31f790a1 + image: gcr.io/knative-releases/knative.dev/eventing-rabbitmq/cmd/webhook/source@sha256:d9383a28ee6dd8b159715f7fc2ca2dd4db866582fcc0c85807bb36e50fa60a55 resources: requests: # taken from serving. @@ -909,7 +916,7 @@ apiVersion: v1 kind: Service metadata: labels: - rabbitmq.eventing.knative.dev/release: "v1.8.4" + rabbitmq.eventing.knative.dev/release: "v1.12.0" role: rabbitmq-webhook name: rabbitmq-webhook namespace: knative-sources @@ -998,7 +1005,7 @@ data: # logging.fluentd-sidecar-image provides the fluentd sidecar image # to inject as a sidecar to collect logs from /var/log. # Must be presented if logging.enable-var-log-collection is true. - logging.fluentd-sidecar-image: k8s.gcr.io/fluentd-elasticsearch:v2.0.4 + logging.fluentd-sidecar-image: registry.k8s.io/fluentd-elasticsearch:v2.0.4 # logging.fluentd-sidecar-output-config provides the configuration # for the fluentd sidecar, which will be placed into a configmap and diff --git a/cmd/operator/kodata/eventing-source/1.8/redis/redis-source.yaml b/cmd/operator/kodata/eventing-source/1.12/redis/redis-source.yaml similarity index 98% rename from cmd/operator/kodata/eventing-source/1.8/redis/redis-source.yaml rename to cmd/operator/kodata/eventing-source/1.12/redis/redis-source.yaml index 997774045f..f86333bf16 100644 --- a/cmd/operator/kodata/eventing-source/1.8/redis/redis-source.yaml +++ b/cmd/operator/kodata/eventing-source/1.12/redis/redis-source.yaml @@ -201,7 +201,7 @@ kind: ClusterRole metadata: name: redis-webhook labels: - contrib.eventing.knative.dev/release: "v1.8.1" + contrib.eventing.knative.dev/release: "v1.12.0" rules: # For watching logging configuration and getting certs. - apiGroups: @@ -656,7 +656,7 @@ metadata: name: redis-controller-manager namespace: knative-sources labels: - contrib.eventing.knative.dev/release: "v1.8.1" + contrib.eventing.knative.dev/release: "v1.12.0" control-plane: redis-controller-manager spec: selector: @@ -669,7 +669,7 @@ spec: spec: serviceAccountName: redis-controller-manager containers: - - image: gcr.io/knative-releases/knative.dev/eventing-redis/cmd/source/controller@sha256:edfb616254acab43b5283685e98b24450376d23316c0e4b253834803f1903cfe + - image: gcr.io/knative-releases/knative.dev/eventing-redis/cmd/source/controller@sha256:fe6c673c00ec9b3e3064969b0ce0b72ff2bcd532794f0d82f7345e023914e76e name: manager env: - name: SYSTEM_NAMESPACE @@ -685,7 +685,7 @@ spec: - name: CONFIG_LEADERELECTION_NAME value: config-leader-election-redis - name: STREAMSOURCE_RA_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing-redis/cmd/source/receive_adapter@sha256:120016514d81d876305872b9805df3bf9a75f9be692313256c38b1104665fa26 + value: gcr.io/knative-releases/knative.dev/eventing-redis/cmd/source/receive_adapter@sha256:e8f6900887a14915f2f5aab2a5f44f8fac4dab418f700293f3cc095bf7f11fe3 - name: CONFIG_REDIS_NUMCONSUMERS value: config-redis - name: SECRET_TLS_TLSCERTIFICATE @@ -713,7 +713,7 @@ metadata: name: config-leader-election-redis namespace: knative-sources labels: - contrib.eventing.knative.dev/release: "v1.8.1" + contrib.eventing.knative.dev/release: "v1.12.0" data: # An inactive but valid configuration follows; see example. resourceLock: "leases" @@ -852,7 +852,7 @@ data: # logging.fluentd-sidecar-image provides the fluentd sidecar image # to inject as a sidecar to collect logs from /var/log. # Must be presented if logging.enable-var-log-collection is true. - logging.fluentd-sidecar-image: k8s.gcr.io/fluentd-elasticsearch:v2.0.4 + logging.fluentd-sidecar-image: registry.k8s.io/fluentd-elasticsearch:v2.0.4 # logging.fluentd-sidecar-output-config provides the configuration # for the fluentd sidecar, which will be placed into a configmap and diff --git a/cmd/operator/kodata/ingress/1.8/contour/net-contour.yaml b/cmd/operator/kodata/ingress/1.12/contour/net-contour.yaml similarity index 84% rename from cmd/operator/kodata/ingress/1.8/contour/net-contour.yaml rename to cmd/operator/kodata/ingress/1.12/contour/net-contour.yaml index da3a33404f..d82b15ba9d 100644 --- a/cmd/operator/kodata/ingress/1.8/contour/net-contour.yaml +++ b/cmd/operator/kodata/ingress/1.12/contour/net-contour.yaml @@ -8,7 +8,7 @@ metadata: networking.knative.dev/ingress-provider: contour app.kubernetes.io/component: net-contour app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" serving.knative.dev/controller: "true" rules: - apiGroups: ["projectcontour.io"] @@ -38,7 +38,7 @@ metadata: networking.knative.dev/ingress-provider: contour app.kubernetes.io/component: net-contour app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" data: _example: | ################################ @@ -93,6 +93,9 @@ metadata: namespace: knative-serving labels: networking.knative.dev/ingress-provider: contour + app.kubernetes.io/component: net-contour + app.kubernetes.io/name: knative-serving + app.kubernetes.io/version: "1.12.0" spec: replicas: 1 selector: @@ -104,14 +107,14 @@ spec: app: net-contour-controller app.kubernetes.io/component: net-contour app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" spec: serviceAccountName: controller containers: - name: controller # This is the Go import path for the binary that is containerized # and substituted here. - image: gcr.io/knative-releases/knative.dev/net-contour/cmd/controller@sha256:9909711ece2a0707686140eb29cab5717c49976c8007f2b23b15678369029718 + image: gcr.io/knative-releases/knative.dev/net-contour/cmd/controller@sha256:94247b697a63e8f115be54617cb29cbb31ded2458f033d6ab7a86627632fad52 resources: requests: cpu: 40m @@ -141,6 +144,25 @@ spec: runAsNonRoot: true capabilities: drop: - - all + - ALL + seccompProfile: + type: RuntimeDefault +--- +#! Used when internal-encryption is set to "true" +apiVersion: projectcontour.io/v1 +kind: TLSCertificateDelegation +metadata: + name: knative-serving-certs + namespace: knative-serving + labels: + networking.knative.dev/ingress-provider: contour + app.kubernetes.io/component: net-contour + app.kubernetes.io/name: knative-serving + app.kubernetes.io/version: "1.12.0" +spec: + delegations: + - secretName: knative-serving-certs + targetNamespaces: + - "*" --- diff --git a/cmd/operator/kodata/ingress/1.8/istio/net-istio.yaml b/cmd/operator/kodata/ingress/1.12/istio/net-istio.yaml similarity index 85% rename from cmd/operator/kodata/ingress/1.8/istio/net-istio.yaml rename to cmd/operator/kodata/ingress/1.12/istio/net-istio.yaml index 5ceeb58a06..5ac040e1d6 100644 --- a/cmd/operator/kodata/ingress/1.8/istio/net-istio.yaml +++ b/cmd/operator/kodata/ingress/1.12/istio/net-istio.yaml @@ -1,4 +1,4 @@ -# Generated when HEAD was d4fce5da8b34ca56c7dd2724a389d85dba13ef69 +# Generated when HEAD was ca5d919f8a720e4cc2ac0a976e55a13fc12935cb # # Copyright 2019 The Knative Authors # @@ -22,7 +22,7 @@ metadata: labels: app.kubernetes.io/component: net-istio app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" serving.knative.dev/controller: "true" networking.knative.dev/ingress-provider: istio rules: @@ -46,7 +46,7 @@ rules: # limitations under the License. # This is the shared Gateway for all Knative routes to use. -apiVersion: networking.istio.io/v1alpha3 +apiVersion: networking.istio.io/v1beta1 kind: Gateway metadata: name: knative-ingress-gateway @@ -54,7 +54,7 @@ metadata: labels: app.kubernetes.io/component: net-istio app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" networking.knative.dev/ingress-provider: istio spec: selector: @@ -85,7 +85,7 @@ spec: # A cluster local gateway to allow pods outside of the mesh to access # Services and Routes not exposing through an ingress. If the users # do have a service mesh setup, this isn't required. -apiVersion: networking.istio.io/v1alpha3 +apiVersion: networking.istio.io/v1beta1 kind: Gateway metadata: name: knative-local-gateway @@ -93,7 +93,7 @@ metadata: labels: app.kubernetes.io/component: net-istio app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" networking.knative.dev/ingress-provider: istio spec: selector: @@ -114,7 +114,7 @@ metadata: labels: app.kubernetes.io/component: net-istio app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" networking.knative.dev/ingress-provider: istio experimental.istio.io/disable-gateway-port-translation: "true" spec: @@ -149,7 +149,7 @@ metadata: labels: app.kubernetes.io/component: net-istio app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" networking.knative.dev/ingress-provider: istio data: # TODO(nghia): Extract the .svc.cluster.local suffix into its own config. @@ -192,11 +192,6 @@ data: # `knative-serving` local-gateway.knative-serving.knative-local-gateway: "knative-local-gateway.istio-system.svc.cluster.local" - # If true, knative will use the Istio VirtualService's status to determine - # endpoint readiness. Otherwise, probe as usual. - # NOTE: This feature is currently experimental and should not be used in production. - enable-virtualservice-status: "false" - --- # Allows the Webhooks to be reached by kube-api with or without # sidecar injection and with mTLS PERMISSIVE and STRICT. @@ -208,7 +203,7 @@ metadata: labels: app.kubernetes.io/component: net-istio app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" networking.knative.dev/ingress-provider: istio spec: selector: @@ -220,31 +215,13 @@ spec: --- apiVersion: "security.istio.io/v1beta1" kind: "PeerAuthentication" -metadata: - name: "domainmapping-webhook" - namespace: "knative-serving" - labels: - app.kubernetes.io/component: net-istio - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - networking.knative.dev/ingress-provider: istio -spec: - selector: - matchLabels: - app: domainmapping-webhook - portLevelMtls: - "8443": - mode: PERMISSIVE ---- -apiVersion: "security.istio.io/v1beta1" -kind: "PeerAuthentication" metadata: name: "net-istio-webhook" namespace: "knative-serving" labels: app.kubernetes.io/component: net-istio app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" networking.knative.dev/ingress-provider: istio spec: selector: @@ -277,7 +254,7 @@ metadata: labels: app.kubernetes.io/component: net-istio app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" networking.knative.dev/ingress-provider: istio spec: selector: @@ -286,7 +263,6 @@ spec: template: metadata: annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" # This must be outside of the mesh to probe the gateways. # NOTE: this is allowed here and not elsewhere because # this is the Istio controller, and so it may be Istio-aware. @@ -295,14 +271,14 @@ spec: app: net-istio-controller app.kubernetes.io/component: net-istio app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" spec: serviceAccountName: controller containers: - name: controller # This is the Go import path for the binary that is containerized # and substituted here. - image: gcr.io/knative-releases/knative.dev/net-istio/cmd/controller@sha256:a76d0854c07c82266b59efd646d2df0e8dc6cd9671de780d892c9202641347ef + image: gcr.io/knative-releases/knative.dev/net-istio/cmd/controller@sha256:db922edc67f4c9ff7f821354ad2f39968733c00c3d2ef9b2b8289630c9508fb9 resources: requests: cpu: 30m @@ -333,11 +309,27 @@ spec: - ALL seccompProfile: type: RuntimeDefault + readinessProbe: + httpGet: + path: /readiness + port: probes + scheme: HTTP + periodSeconds: 5 + failureThreshold: 3 + livenessProbe: + httpGet: + path: /health + port: probes + scheme: HTTP + periodSeconds: 5 + failureThreshold: 6 ports: - name: metrics containerPort: 9090 - name: profiling containerPort: 8008 + - name: probes + containerPort: 8080 # Unlike other controllers, this doesn't need a Service defined for metrics and # profiling because it opts out of the mesh (see annotation above). @@ -365,7 +357,7 @@ metadata: labels: app.kubernetes.io/component: net-istio app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" networking.knative.dev/ingress-provider: istio spec: selector: @@ -374,21 +366,19 @@ spec: role: net-istio-webhook template: metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" labels: app: net-istio-webhook role: net-istio-webhook app.kubernetes.io/component: net-istio app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" spec: serviceAccountName: controller containers: - name: webhook # This is the Go import path for the binary that is containerized # and substituted here. - image: gcr.io/knative-releases/knative.dev/net-istio/cmd/webhook@sha256:e716c21c7aaa7ece064dae9690103c66598b5556bc1ce3f9ee4c4a71bc8630af + image: gcr.io/knative-releases/knative.dev/net-istio/cmd/webhook@sha256:d1c7111853283218afb0b4fd14ad69087f609a956b431387b48da4c7c0430711 resources: requests: cpu: 20m @@ -410,6 +400,10 @@ spec: value: knative.dev/net-istio - name: WEBHOOK_NAME value: net-istio-webhook + # If you change WEBHOOK_PORT, you will also need to change the + # containerPort "https-webhook" to the same value. + - name: WEBHOOK_PORT + value: "8443" securityContext: runAsNonRoot: true allowPrivilegeEscalation: false @@ -418,6 +412,25 @@ spec: - ALL seccompProfile: type: RuntimeDefault + readinessProbe: + periodSeconds: 1 + httpGet: + scheme: HTTPS + port: 8443 + httpHeaders: + - name: k-kubelet-probe + value: "webhook" + failureThreshold: 3 + livenessProbe: + periodSeconds: 1 + httpGet: + scheme: HTTPS + port: 8443 + httpHeaders: + - name: k-kubelet-probe + value: "webhook" + failureThreshold: 6 + initialDelaySeconds: 20 ports: - name: metrics containerPort: 9090 @@ -449,7 +462,7 @@ metadata: labels: app.kubernetes.io/component: net-istio app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" networking.knative.dev/ingress-provider: istio --- @@ -476,20 +489,20 @@ metadata: role: net-istio-webhook app.kubernetes.io/component: net-istio app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" networking.knative.dev/ingress-provider: istio spec: ports: # Define metrics and profiling for them to be accessible within service meshes. - name: http-metrics port: 9090 - targetPort: 9090 + targetPort: metrics - name: http-profiling port: 8008 - targetPort: 8008 + targetPort: profiling - name: https-webhook port: 443 - targetPort: 8443 + targetPort: https-webhook selector: app: net-istio-webhook @@ -515,7 +528,7 @@ metadata: labels: app.kubernetes.io/component: net-istio app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" networking.knative.dev/ingress-provider: istio webhooks: - admissionReviewVersions: @@ -554,7 +567,7 @@ metadata: labels: app.kubernetes.io/component: net-istio app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" networking.knative.dev/ingress-provider: istio webhooks: - admissionReviewVersions: @@ -573,3 +586,28 @@ webhooks: app.kubernetes.io/component: net-istio --- +# Copyright 2023 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Secret +metadata: + name: routing-serving-certs + namespace: istio-system + labels: + serving-certs-ctrl: "data-plane-routing" + networking.internal.knative.dev/certificate-uid: "serving-certs" +# The data is populated when system-internal-tls is enabled. + +--- diff --git a/cmd/operator/kodata/ingress/1.8/kourier/kourier.yaml b/cmd/operator/kodata/ingress/1.12/kourier/kourier.yaml similarity index 78% rename from cmd/operator/kodata/ingress/1.8/kourier/kourier.yaml rename to cmd/operator/kodata/ingress/1.12/kourier/kourier.yaml index 48b90541b3..d248abd265 100644 --- a/cmd/operator/kodata/ingress/1.8/kourier/kourier.yaml +++ b/cmd/operator/kodata/ingress/1.12/kourier/kourier.yaml @@ -20,7 +20,7 @@ metadata: networking.knative.dev/ingress-provider: kourier app.kubernetes.io/name: knative-serving app.kubernetes.io/component: net-kourier - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" --- # Copyright 2020 The Knative Authors @@ -45,7 +45,7 @@ metadata: labels: networking.knative.dev/ingress-provider: kourier app.kubernetes.io/component: net-kourier - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving data: envoy-bootstrap.yaml: | @@ -90,11 +90,11 @@ data: routes: - match: safe_regex: - google_re2: {} regex: '/(certs|stats(/prometheus)?|server_info|clusters|listeners|ready)?' headers: - name: ':method' - exact_match: GET + string_match: + exact: GET route: cluster: service_stats clusters: @@ -132,7 +132,10 @@ data: port_value: 18000 type: STRICT_DNS admin: - access_log_path: "/dev/stdout" + access_log: + - name: envoy.access_loggers.stdout + typed_config: + "@type": type.googleapis.com/envoy.extensions.access_loggers.stream.v3.StdoutAccessLog address: pipe: path: /tmp/envoy.admin @@ -165,7 +168,7 @@ metadata: labels: networking.knative.dev/ingress-provider: kourier app.kubernetes.io/component: net-kourier - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving data: _example: | @@ -208,16 +211,19 @@ data: # The default, 0s, imposes no timeout at all. stream-idle-timeout: "0s" - # Control the desired level of incoming traffic isolation. - # - # When set to an empty value (default), all incoming traffic flows through - # a shared ingress and listeners. - # - # When set to "port", incoming traffic is isolated by using different - # listener ports. - # - # NOTE: This flag is in an alpha state. - traffic-isolation: "" + # Specifies whether to use CryptoMB private key provider in order to + # acclerate the TLS handshake. + # NOTE THAT THIS IS AN EXPERIMENTAL / ALPHA FEATURE. + enable-cryptomb: "false" + + # Configures the number of additional ingress proxy hops from the + # right side of the x-forwarded-for HTTP header to trust. + trusted-hops-count: "0" + + # Specifies the cipher suites for TLS external listener. + # Use ',' separated values like "ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-ECDSA-CHACHA20-POLY1305" + # The default uses the default cipher suites of the envoy version. + cipher-suites: "" --- # Copyright 2020 The Knative Authors @@ -242,7 +248,7 @@ metadata: labels: networking.knative.dev/ingress-provider: kourier app.kubernetes.io/component: net-kourier - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving --- apiVersion: rbac.authorization.k8s.io/v1 @@ -252,7 +258,7 @@ metadata: labels: networking.knative.dev/ingress-provider: kourier app.kubernetes.io/component: net-kourier - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving rules: - apiGroups: [""] @@ -264,9 +270,6 @@ rules: - apiGroups: [""] resources: ["configmaps"] verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["namespaces"] - verbs: ["get", "list", "watch"] - apiGroups: ["coordination.k8s.io"] resources: ["leases"] verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] @@ -284,7 +287,7 @@ metadata: labels: networking.knative.dev/ingress-provider: kourier app.kubernetes.io/component: net-kourier - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving roleRef: apiGroup: rbac.authorization.k8s.io @@ -318,20 +321,29 @@ metadata: labels: networking.knative.dev/ingress-provider: kourier app.kubernetes.io/component: net-kourier - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving spec: + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 0 + maxSurge: 100% replicas: 1 selector: matchLabels: app: net-kourier-controller template: metadata: + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "9090" + prometheus.io/path: "/metrics" labels: app: net-kourier-controller spec: containers: - - image: gcr.io/knative-releases/knative.dev/net-kourier/cmd/kourier@sha256:489f96cf06565e7be3cdba8191151199fe2f5ec4da3cd7040817eb370c0ca366 + - image: gcr.io/knative-releases/knative.dev/net-kourier/cmd/kourier@sha256:8b3d4b78b469a4f50141c216141a19e0d37beff16d60f845ac6eb9aa4e9dc9d2 name: controller env: - name: CERTS_SECRET_NAMESPACE @@ -348,13 +360,27 @@ spec: value: "kourier-system" - name: ENABLE_SECRET_INFORMER_FILTERING_BY_CERT_UID value: "false" + # KUBE_API_BURST and KUBE_API_QPS allows to configure maximum burst for throttle and maximum QPS to the server from the client. + # Setting these values using env vars is possible since https://github.com/knative/pkg/pull/2755. + # 200 is an arbitrary value, but it speeds up kourier startup duration, and the whole ingress reconciliation process as a whole. + - name: KUBE_API_BURST + value: "200" + - name: KUBE_API_QPS + value: "200" ports: - name: http2-xds containerPort: 18000 protocol: TCP readinessProbe: - exec: - command: ["/ko-app/kourier", "-probe-addr=:18000"] + grpc: + port: 18000 + periodSeconds: 10 + failureThreshold: 3 + livenessProbe: + grpc: + port: 18000 + periodSeconds: 10 + failureThreshold: 6 securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true @@ -364,6 +390,13 @@ spec: - ALL seccompProfile: type: RuntimeDefault + resources: + requests: + cpu: 200m + memory: 200Mi + limits: + cpu: 500m + memory: 500Mi restartPolicy: Always serviceAccountName: net-kourier --- @@ -375,7 +408,7 @@ metadata: labels: networking.knative.dev/ingress-provider: kourier app.kubernetes.io/component: net-kourier - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving spec: ports: @@ -410,14 +443,14 @@ metadata: labels: networking.knative.dev/ingress-provider: kourier app.kubernetes.io/component: net-kourier - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving spec: strategy: type: RollingUpdate rollingUpdate: maxUnavailable: 0 - maxSurge: 1 + maxSurge: 100% selector: matchLabels: app: 3scale-kourier-gateway @@ -429,6 +462,9 @@ spec: # v0.26 supports envoy v3 API, so # adding this label to restart pod. networking.knative.dev/poke: "v0.26" + prometheus.io/scrape: "true" + prometheus.io/port: "9000" + prometheus.io/path: "/stats/prometheus" spec: containers: - args: @@ -437,7 +473,7 @@ spec: - --log-level info command: - /usr/local/bin/envoy - image: docker.io/envoyproxy/envoy:v1.21-latest + image: docker.io/envoyproxy/envoy:v1.25-latest name: kourier-gateway ports: - name: http2-external @@ -483,6 +519,25 @@ spec: scheme: HTTP initialDelaySeconds: 10 periodSeconds: 5 + failureThreshold: 3 + livenessProbe: + httpGet: + httpHeaders: + - name: Host + value: internalkourier + path: /ready + port: 8081 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 5 + failureThreshold: 6 + resources: + requests: + cpu: 200m + memory: 200Mi + limits: + cpu: 500m + memory: 500Mi volumes: - name: config-volume configMap: @@ -497,7 +552,7 @@ metadata: labels: networking.knative.dev/ingress-provider: kourier app.kubernetes.io/component: net-kourier - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving spec: ports: @@ -521,7 +576,7 @@ metadata: labels: networking.knative.dev/ingress-provider: kourier app.kubernetes.io/component: net-kourier - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving spec: ports: @@ -536,5 +591,47 @@ spec: selector: app: 3scale-kourier-gateway type: ClusterIP +--- +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: 3scale-kourier-gateway + namespace: kourier-system + labels: + networking.knative.dev/ingress-provider: kourier + app.kubernetes.io/component: net-kourier + app.kubernetes.io/version: "1.12.0" + app.kubernetes.io/name: knative-serving +spec: + minReplicas: 1 + maxReplicas: 10 + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: 3scale-kourier-gateway + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + # Percentage of the requested CPU + averageUtilization: 100 +--- +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: 3scale-kourier-gateway-pdb + namespace: kourier-system + labels: + networking.knative.dev/ingress-provider: kourier + app.kubernetes.io/component: net-kourier + app.kubernetes.io/version: "1.12.0" + app.kubernetes.io/name: knative-serving +spec: + minAvailable: 80% + selector: + matchLabels: + app: 3scale-kourier-gateway --- diff --git a/cmd/operator/kodata/knative-eventing/1.8.1/1-eventing-crds.yaml b/cmd/operator/kodata/knative-eventing/1.12.0/1-eventing-crds.yaml similarity index 83% rename from cmd/operator/kodata/knative-eventing/1.8.1/1-eventing-crds.yaml rename to cmd/operator/kodata/knative-eventing/1.12.0/1-eventing-crds.yaml index ad15930399..a775490262 100644 --- a/cmd/operator/kodata/knative-eventing/1.8.1/1-eventing-crds.yaml +++ b/cmd/operator/kodata/knative-eventing/1.12.0/1-eventing-crds.yaml @@ -17,22 +17,39 @@ kind: CustomResourceDefinition metadata: creationTimestamp: null labels: - eventing.knative.dev/release: "v1.8.1" eventing.knative.dev/source: "true" duck.knative.dev/source: "true" knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing annotations: - # TODO add schemas and descriptions + # TODO add schemas registry.knative.dev/eventTypes: | [ - { "type": "dev.knative.apiserver.resource.add" }, - { "type": "dev.knative.apiserver.resource.delete" }, - { "type": "dev.knative.apiserver.resource.update" }, - { "type": "dev.knative.apiserver.ref.add" }, - { "type": "dev.knative.apiserver.ref.delete" }, - { "type": "dev.knative.apiserver.ref.update" } + { + "type": "dev.knative.apiserver.resource.add", + "description": "CloudEvent type used for add operations when in Resource mode" + }, + { + "type": "dev.knative.apiserver.resource.delete", + "description": "CloudEvent type used for delete operations when in Resource mode" + }, + { + "type": "dev.knative.apiserver.resource.update", + "description": "CloudEvent type used for update operations when in Resource mode" + }, + { + "type": "dev.knative.apiserver.ref.add", + "description": "CloudEvent type used for add operations when in Reference mode" + }, + { + "type": "dev.knative.apiserver.ref.delete", + "description": "CloudEvent type used for delete operations when in Reference mode" + }, + { + "type": "dev.knative.apiserver.ref.update", + "description": "CloudEvent type used for update operations when in Reference mode" + } ] name: apiserversources.sources.knative.dev spec: @@ -137,6 +154,37 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string + namespaceSelector: + description: NamespaceSelector is a label selector to capture the namespaces that should be watched by the source. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + type: object + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + x-kubernetes-preserve-unknown-fields: true status: type: object properties: @@ -144,6 +192,13 @@ spec: description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. type: object x-kubernetes-preserve-unknown-fields: true + auth: + description: Auth provides the relevant information for OIDC authentication. + type: object + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string ceAttributes: description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. type: array @@ -190,6 +245,14 @@ spec: sinkUri: description: SinkURI is the current active sink URI that has been configured for the Source. type: string + sinkCACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + namespaces: + description: Namespaces show the namespaces currently watched by the ApiServerSource + type: array + items: + type: string additionalPrinterColumns: - name: Sink type: string @@ -233,10 +296,9 @@ kind: CustomResourceDefinition metadata: name: brokers.eventing.knative.dev labels: - eventing.knative.dev/release: "v1.8.1" knative.dev/crd-install: "true" duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: group: eventing.knative.dev @@ -304,6 +366,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string retry: description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. type: integer @@ -317,8 +385,28 @@ spec: description: Broker is Addressable. It exposes the endpoint as an URI to get events delivered into the Broker mesh. type: object properties: + name: + type: string url: type: string + CACerts: + type: string + audience: + type: string + addresses: + description: Broker is Addressable. It exposes the endpoints as URIs to get events delivered into the Broker mesh. + type: array + items: + type: object + properties: + name: + type: string + url: + type: string + CACerts: + type: string + audience: + type: string annotations: description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. type: object @@ -353,6 +441,9 @@ spec: deadLetterSinkUri: description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. type: string + deadLetterSinkCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string observedGeneration: description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. type: integer @@ -370,6 +461,10 @@ spec: - name: Reason type: string jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" + - name: Class + type: string + priority: 1 + jsonPath: '.metadata.annotations.eventing\.knative\.dev/broker\.class' names: kind: Broker plural: brokers @@ -400,11 +495,10 @@ kind: CustomResourceDefinition metadata: name: channels.messaging.knative.dev labels: - eventing.knative.dev/release: "v1.8.1" knative.dev/crd-install: "true" messaging.knative.dev/subscribable: "true" duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: group: messaging.knative.dev @@ -483,6 +577,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string retry: description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. type: integer @@ -539,9 +639,21 @@ spec: replyUri: description: ReplyURI is the endpoint for the reply type: string + replyCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string + replyAudience: + description: ReplyAudience is the OIDC audience for the replyUri. + type: string subscriberUri: description: SubscriberURI is the endpoint for the subscriber type: string + subscriberCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string + subscriberAudience: + description: SubscriberAudience is the OIDC audience for the subscriberUri. + type: string uid: description: UID is used to understand the origin of the subscriber. type: string @@ -550,10 +662,31 @@ spec: type: object properties: address: + description: Channel is Addressable. It exposes the endpoint as an URI to get events delivered into the Channel mesh. type: object properties: + name: + type: string url: type: string + CACerts: + type: string + audience: + type: string + addresses: + description: Channel is Addressable. It exposes the endpoints as URIs to get events delivered into the Channel mesh. + type: array + items: + type: object + properties: + name: + type: string + url: + type: string + CACerts: + type: string + audience: + type: string annotations: description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. type: object @@ -620,6 +753,9 @@ spec: deadLetterSinkUri: description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. type: string + deadLetterSinkCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string observedGeneration: description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. type: integer @@ -643,6 +779,13 @@ spec: uid: description: UID is used to understand the origin of the subscriber. type: string + auth: + description: Auth provides the relevant information for OIDC authentication. + type: object + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string names: kind: Channel plural: channels @@ -675,11 +818,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: - eventing.knative.dev/release: "v1.8.1" eventing.knative.dev/source: "true" duck.knative.dev/source: "true" knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing name: containersources.sources.knative.dev spec: @@ -729,6 +871,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string # WARNING: the schema tool can not parse PodTemplateSpec, stub here and redirect to Deployment documentation. template: type: object @@ -741,6 +889,13 @@ spec: description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. type: object x-kubernetes-preserve-unknown-fields: true + auth: + description: Auth provides the relevant information for OIDC authentication. + type: object + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string ceAttributes: description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. type: array @@ -787,6 +942,9 @@ spec: sinkUri: description: SinkURI is the current active sink URI that has been configured for the Source. type: string + sinkCACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string additionalPrinterColumns: - name: Sink type: string @@ -829,14 +987,14 @@ kind: CustomResourceDefinition metadata: name: eventtypes.eventing.knative.dev labels: - eventing.knative.dev/release: "v1.8.1" knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: group: eventing.knative.dev versions: - - name: v1beta1 + - &version + name: v1beta1 served: true storage: true subresources: @@ -852,6 +1010,22 @@ spec: properties: broker: type: string + reference: + description: Reference Broker. For example + type: object + properties: + apiVersion: + description: API version of the referent. + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is an optional field, it gets defaulted to the object holding it if left out.' + type: string description: description: 'Description is an optional field used to describe the EventType, in any meaningful way.' type: string @@ -916,19 +1090,26 @@ spec: - name: Schema type: string jsonPath: ".spec.schema" - - name: Broker + - name: Reference Name + type: string + jsonPath: ".spec.reference.name" + - name: Reference Kind type: string - jsonPath: ".spec.broker" + jsonPath: ".spec.reference.kind" - name: Description type: string jsonPath: ".spec.description" - # TODO remove Status https://github.com/knative/eventing/issues/2750 - name: Ready type: string jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - name: Reason type: string jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" + - !!merge <<: *version + name: v1beta2 + served: true + storage: false + # v1beta1 schema is identical to the v1beta2 schema names: kind: EventType plural: eventtypes @@ -938,6 +1119,14 @@ spec: - knative - eventing scope: Namespaced + conversion: + strategy: Webhook + webhook: + conversionReviewVersions: ["v1", "v1beta1"] + clientConfig: + service: + name: eventing-webhook + namespace: knative-eventing --- # Copyright 2020 The Knative Authors @@ -958,10 +1147,9 @@ kind: CustomResourceDefinition metadata: name: parallels.flows.knative.dev labels: - eventing.knative.dev/release: "v1.8.1" knative.dev/crd-install: "true" duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: group: flows.knative.dev @@ -1020,6 +1208,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string retry: description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. type: integer @@ -1064,14 +1258,42 @@ spec: type: object properties: address: + description: Parallel is Addressable. It exposes the endpoint as an URI to get events delivered into the Parallel. type: object properties: + name: + type: string url: type: string + CACerts: + type: string + audience: + type: string + addresses: + description: Parallel is Addressable. It exposes the endpoints as URIs to get events delivered into the Parallel. + type: array + items: + type: object + properties: + name: + type: string + url: + type: string + CACerts: + type: string + audience: + type: string annotations: description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. type: object x-kubernetes-preserve-unknown-fields: true + auth: + description: Auth provides the relevant information for OIDC authentication. + type: object + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string branchStatuses: description: BranchStatuses is an array of corresponding to branch statuses. Matches the Spec.Branches array in the order. type: array @@ -1213,17 +1435,19 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: - eventing.knative.dev/release: "v1.8.1" eventing.knative.dev/source: "true" duck.knative.dev/source: "true" knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing annotations: - # TODO add schemas and descriptions + # TODO add schema registry.knative.dev/eventTypes: | [ - { "type": "dev.knative.sources.ping" } + { + "type": "dev.knative.sources.ping", + "description": "CloudEvent type for fixed payloads on a specified cron schedule" + } ] name: pingsources.sources.knative.dev spec: @@ -1289,6 +1513,12 @@ spec: uri: description: 'URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.' type: string + CACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string timezone: description: 'Timezone modifies the actual time relative to the specified timezone. Defaults to the system time zone. More general information about time zones: https://www.iana.org/time-zones List of valid timezone values: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones' type: string @@ -1300,6 +1530,13 @@ spec: description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' type: object x-kubernetes-preserve-unknown-fields: true + auth: + description: Auth provides the relevant information for OIDC authentication. + type: object + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string ceAttributes: description: 'CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents.' type: array @@ -1346,6 +1583,9 @@ spec: sinkUri: description: 'SinkURI is the current active sink URI that has been configured for the Source.' type: string + sinkCACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string additionalPrinterColumns: - name: Sink type: string @@ -1404,10 +1644,9 @@ kind: CustomResourceDefinition metadata: name: sequences.flows.knative.dev labels: - eventing.knative.dev/release: "v1.8.1" knative.dev/crd-install: "true" duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: group: flows.knative.dev @@ -1502,6 +1741,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string retry: description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. type: integer @@ -1526,19 +1771,53 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string status: description: Status represents the current state of the Sequence. This data may be out of date. type: object properties: address: + description: Sequence is Addressable. It exposes the endpoint as an URI to get events delivered into the Sequence. type: object properties: + name: + type: string url: type: string + CACerts: + type: string + audience: + type: string + addresses: + description: Sequence is Addressable. It exposes the endpoints as URIs to get events delivered into the Sequence. + type: array + items: + type: object + properties: + name: + type: string + url: + type: string + CACerts: + type: string + audience: + type: string annotations: description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. type: object x-kubernetes-preserve-unknown-fields: true + auth: + description: Auth provides the relevant information for OIDC authentication. + type: object + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string channelStatuses: description: ChannelStatuses is an array of corresponding Channel statuses. Matches the Spec.Steps array in the order. type: array @@ -1724,12 +2003,11 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: - eventing.knative.dev/release: "v1.8.1" eventing.knative.dev/source: "true" duck.knative.dev/source: "true" duck.knative.dev/binding: "true" knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing name: sinkbindings.sources.knative.dev spec: @@ -1779,6 +2057,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string subject: description: Subject references the resource(s) whose "runtime contract" should be augmented by Binding implementations. type: object @@ -1827,6 +2111,13 @@ spec: description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. type: object x-kubernetes-preserve-unknown-fields: true + auth: + description: Auth provides the relevant information for OIDC authentication. + type: object + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string ceAttributes: description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. type: array @@ -1873,6 +2164,9 @@ spec: sinkUri: description: SinkURI is the current active sink URI that has been configured for the Source. type: string + sinkCACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string additionalPrinterColumns: - name: Sink type: string @@ -1916,9 +2210,8 @@ kind: CustomResourceDefinition metadata: name: subscriptions.messaging.knative.dev labels: - eventing.knative.dev/release: "v1.8.1" knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: group: messaging.knative.dev @@ -1983,6 +2276,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string retry: description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. type: integer @@ -2011,6 +2310,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string subscriber: description: Subscriber is reference to (optional) function for processing events. Events from the Channel will be delivered here and replies are sent to a Destination as specified by the Reply. type: object @@ -2035,6 +2340,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the subscription trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string status: type: object properties: @@ -2042,6 +2353,13 @@ spec: description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. type: object x-kubernetes-preserve-unknown-fields: true + auth: + description: Auth provides the relevant information for OIDC authentication. + type: object + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string conditions: description: Conditions the latest available observations of a resource's current state. type: array @@ -2080,12 +2398,27 @@ spec: deadLetterSinkUri: description: ReplyURI is the fully resolved URI for the spec.delivery.deadLetterSink. type: string + deadLetterSinkCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string replyUri: description: ReplyURI is the fully resolved URI for the spec.reply. type: string + replyCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string + replyAudience: + description: ReplyAudience is the OIDC audience for the replyUri. + type: string subscriberUri: description: SubscriberURI is the fully resolved URI for spec.subscriber. type: string + subscriberCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string + subscriberAudience: + description: SubscriberAudience is the OIDC audience for the subscriberUri. + type: string additionalPrinterColumns: - name: Age type: date @@ -2128,9 +2461,8 @@ kind: CustomResourceDefinition metadata: name: triggers.eventing.knative.dev labels: - eventing.knative.dev/release: "v1.8.1" knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: group: eventing.knative.dev @@ -2203,6 +2535,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string retry: description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. type: integer @@ -2238,6 +2576,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string status: description: Status represents the current state of the Trigger. This data may be out of date. type: object @@ -2246,6 +2590,13 @@ spec: description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. type: object x-kubernetes-preserve-unknown-fields: true + auth: + description: Auth provides the relevant information for OIDC authentication. + type: object + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string conditions: description: Conditions the latest available observations of a resource's current state. type: array @@ -2276,6 +2627,9 @@ spec: deadLetterSinkUri: description: DeadLetterSinkURI is the resolved URI of the dead letter sink for this Trigger, in case there is none this will fallback to it's Broker status DeadLetterSinkURI. type: string + deadLetterSinkCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string observedGeneration: description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. type: integer @@ -2283,6 +2637,9 @@ spec: subscriberUri: description: SubscriberURI is the resolved URI of the receiver for this Trigger. type: string + subscriberCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string names: kind: Trigger plural: triggers diff --git a/cmd/operator/kodata/knative-eventing/1.8.2/2-eventing-core.yaml b/cmd/operator/kodata/knative-eventing/1.12.0/2-eventing-core.yaml similarity index 87% rename from cmd/operator/kodata/knative-eventing/1.8.2/2-eventing-core.yaml rename to cmd/operator/kodata/knative-eventing/1.12.0/2-eventing-core.yaml index 85c0186fb4..3c40cfaf03 100644 --- a/cmd/operator/kodata/knative-eventing/1.8.2/2-eventing-core.yaml +++ b/cmd/operator/kodata/knative-eventing/1.12.0/2-eventing-core.yaml @@ -16,8 +16,7 @@ kind: Namespace metadata: name: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing --- @@ -41,8 +40,7 @@ metadata: name: eventing-controller namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing --- apiVersion: rbac.authorization.k8s.io/v1 @@ -50,8 +48,7 @@ kind: ClusterRoleBinding metadata: name: eventing-controller labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing subjects: - kind: ServiceAccount @@ -67,8 +64,7 @@ kind: ClusterRoleBinding metadata: name: eventing-controller-resolver labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing subjects: - kind: ServiceAccount @@ -84,8 +80,7 @@ kind: ClusterRoleBinding metadata: name: eventing-controller-source-observer labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing subjects: - kind: ServiceAccount @@ -101,8 +96,7 @@ kind: ClusterRoleBinding metadata: name: eventing-controller-sources-controller labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing subjects: - kind: ServiceAccount @@ -118,8 +112,7 @@ kind: ClusterRoleBinding metadata: name: eventing-controller-manipulator labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing subjects: - kind: ServiceAccount @@ -151,8 +144,7 @@ metadata: name: pingsource-mt-adapter namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing --- apiVersion: rbac.authorization.k8s.io/v1 @@ -160,8 +152,7 @@ kind: ClusterRoleBinding metadata: name: knative-eventing-pingsource-mt-adapter labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing subjects: - kind: ServiceAccount @@ -193,8 +184,7 @@ metadata: name: eventing-webhook namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing --- apiVersion: rbac.authorization.k8s.io/v1 @@ -202,8 +192,7 @@ kind: ClusterRoleBinding metadata: name: eventing-webhook labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing subjects: - kind: ServiceAccount @@ -220,8 +209,7 @@ metadata: namespace: knative-eventing name: eventing-webhook labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing subjects: - kind: ServiceAccount @@ -237,8 +225,7 @@ kind: ClusterRoleBinding metadata: name: eventing-webhook-resolver labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing subjects: - kind: ServiceAccount @@ -254,8 +241,7 @@ kind: ClusterRoleBinding metadata: name: eventing-webhook-podspecable-binding labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing subjects: - kind: ServiceAccount @@ -287,8 +273,7 @@ metadata: name: config-br-default-channel namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing data: channel-template-spec: | @@ -316,8 +301,7 @@ metadata: name: config-br-defaults namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing data: # Configures the default for any Broker that does not specify a spec.config or Broker class. @@ -354,8 +338,7 @@ metadata: name: default-ch-webhook namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing data: # Configuration for defaulting channels that do not specify CRD implementations. @@ -389,10 +372,9 @@ metadata: name: config-ping-defaults namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" annotations: knative.dev/example-checksum: "9185c153" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing data: _example: | @@ -436,10 +418,9 @@ metadata: name: config-features namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" knative.dev/config-propagation: original knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing data: # ALPHA feature: The kreference-group allows you to use the Group field in KReferences. @@ -454,13 +435,19 @@ data: # ALPHA feature: The kreference-mapping allows you to map kreference onto templated URI # For more details: https://github.com/knative/eventing/issues/5593 kreference-mapping: "disabled" - # BETA feature: The subscriber-strict flag force subscriptions to define a subscriber - # For more details: https://github.com/knative/eventing/issues/5756 - strict-subscriber: "enabled" - # ALPHA feature: The new-trigger-filters flag allows you to use the new `filters` field + # BETA feature: The new-trigger-filters flag allows you to use the new `filters` field # in Trigger objects with its rich filtering capabilities. # For more details: https://github.com/knative/eventing/issues/5204 - new-trigger-filters: "disabled" + new-trigger-filters: "enabled" + # ALPHA feature: The transport-encryption flag allows you to encrypt events in transit using the transport layer security (TLS) protocol. + # For more details: https://github.com/knative/eventing/issues/5957 + transport-encryption: "disabled" + # ALPHA feature: The eventtype-auto-create flag allows automatic creation of Even Type instances based on Event's type being processed. + # For more details: https://github.com/knative/eventing/issues/6909 + eventtype-auto-create: "disabled" + # ALPHA feature: The authentication.oidc flag allows you to use OIDC authentication for Eventing. + # For more details: https://github.com/knative/eventing/issues/7174 + authentication.oidc: "disabled" --- # Copyright 2021 The Knative Authors @@ -483,7 +470,6 @@ metadata: name: config-kreference-mapping namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" knative.dev/config-propagation: original knative.dev/config-category: eventing annotations: @@ -532,8 +518,7 @@ metadata: name: config-leader-election namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing annotations: knative.dev/example-checksum: "f7948630" @@ -594,10 +579,9 @@ metadata: name: config-logging namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" knative.dev/config-propagation: original knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing data: # Common configuration for all Knative codebase @@ -648,10 +632,9 @@ metadata: name: config-observability namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" knative.dev/config-propagation: original knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing annotations: knative.dev/example-checksum: "f46cf09d" @@ -725,8 +708,7 @@ metadata: name: config-sugar namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing annotations: knative.dev/example-checksum: "62dfac6f" @@ -783,10 +765,9 @@ metadata: name: config-tracing namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" knative.dev/config-propagation: original knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing annotations: knative.dev/example-checksum: "0492ceb0" @@ -841,10 +822,9 @@ metadata: name: eventing-controller namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" knative.dev/high-availability: "true" app.kubernetes.io/component: eventing-controller - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: selector: @@ -854,9 +834,8 @@ spec: metadata: labels: app: eventing-controller - eventing.knative.dev/release: "v1.8.2" app.kubernetes.io/component: eventing-controller - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: # To avoid node becoming SPOF, spread our replicas to different nodes. @@ -874,7 +853,7 @@ spec: containers: - name: eventing-controller terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/controller@sha256:8173dc726d0037e3b55a1021e7786f7f22d5f393e620e50044c22691bbc8b8a0 + image: gcr.io/knative-releases/knative.dev/eventing/cmd/controller@sha256:bda5dd2e4a3b67cbbee4170919a6e34d92dd35d5bc232b907f88069c845db74d resources: requests: cpu: 100m @@ -892,7 +871,7 @@ spec: value: knative.dev/eventing # APIServerSource - name: APISERVER_RA_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing/cmd/apiserver_receive_adapter@sha256:5e886a004a96c1f58253ad7eb4c046b5dee88f009530e936165fd98fc8e5b9e7 + value: gcr.io/knative-releases/knative.dev/eventing/cmd/apiserver_receive_adapter@sha256:a4d2cc10ac098547002989a0dced0413e2f2d0a7d99b5e9ab054a0dec71166ef - name: POD_NAME valueFrom: fieldRef: @@ -961,9 +940,8 @@ metadata: name: pingsource-mt-adapter namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" app.kubernetes.io/component: pingsource-mt-adapter - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: # when set to 0 (and only 0) will be set to 1 when the first PingSource is created. @@ -976,9 +954,8 @@ spec: metadata: labels: !!merge <<: *labels - eventing.knative.dev/release: "v1.8.2" app.kubernetes.io/component: pingsource-mt-adapter - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: affinity: @@ -992,7 +969,7 @@ spec: enableServiceLinks: false containers: - name: dispatcher - image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtping@sha256:127c3cf4df11eea8d6997f13052fbc33e659b7607b97e591eef915704f327a87 + image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtping@sha256:784bd4be603d6ac188ce60079d9fe854c3b55577b9cc3abb30886bfbd5d5a776 env: - name: SYSTEM_NAMESPACE value: '' @@ -1065,9 +1042,8 @@ metadata: name: eventing-webhook namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: scaleTargetRef: @@ -1091,9 +1067,8 @@ metadata: name: eventing-webhook namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: minAvailable: 80% @@ -1122,9 +1097,8 @@ metadata: name: eventing-webhook namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: selector: @@ -1135,9 +1109,8 @@ spec: metadata: labels: !!merge <<: *labels - eventing.knative.dev/release: "v1.8.2" app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: # To avoid node becoming SPOF, spread our replicas to different nodes. @@ -1157,7 +1130,7 @@ spec: terminationMessagePolicy: FallbackToLogsOnError # This is the Go import path for the binary that is containerized # and substituted here. - image: gcr.io/knative-releases/knative.dev/eventing/cmd/webhook@sha256:fb484c2d2495d9ec62624f664bf22fc37253b4b57e4281f23df358c01e95a96c + image: gcr.io/knative-releases/knative.dev/eventing/cmd/webhook@sha256:f8269a953534c4549b74305e53a1d5b02aa14fb05754d65b051f79426439cb60 resources: requests: # taken from serving. @@ -1228,10 +1201,9 @@ apiVersion: v1 kind: Service metadata: labels: - eventing.knative.dev/release: "v1.8.2" role: eventing-webhook app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing name: eventing-webhook namespace: knative-eventing @@ -1263,22 +1235,39 @@ kind: CustomResourceDefinition metadata: creationTimestamp: null labels: - eventing.knative.dev/release: "v1.8.2" eventing.knative.dev/source: "true" duck.knative.dev/source: "true" knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing annotations: - # TODO add schemas and descriptions + # TODO add schemas registry.knative.dev/eventTypes: | [ - { "type": "dev.knative.apiserver.resource.add" }, - { "type": "dev.knative.apiserver.resource.delete" }, - { "type": "dev.knative.apiserver.resource.update" }, - { "type": "dev.knative.apiserver.ref.add" }, - { "type": "dev.knative.apiserver.ref.delete" }, - { "type": "dev.knative.apiserver.ref.update" } + { + "type": "dev.knative.apiserver.resource.add", + "description": "CloudEvent type used for add operations when in Resource mode" + }, + { + "type": "dev.knative.apiserver.resource.delete", + "description": "CloudEvent type used for delete operations when in Resource mode" + }, + { + "type": "dev.knative.apiserver.resource.update", + "description": "CloudEvent type used for update operations when in Resource mode" + }, + { + "type": "dev.knative.apiserver.ref.add", + "description": "CloudEvent type used for add operations when in Reference mode" + }, + { + "type": "dev.knative.apiserver.ref.delete", + "description": "CloudEvent type used for delete operations when in Reference mode" + }, + { + "type": "dev.knative.apiserver.ref.update", + "description": "CloudEvent type used for update operations when in Reference mode" + } ] name: apiserversources.sources.knative.dev spec: @@ -1383,6 +1372,37 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string + namespaceSelector: + description: NamespaceSelector is a label selector to capture the namespaces that should be watched by the source. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + type: object + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + x-kubernetes-preserve-unknown-fields: true status: type: object properties: @@ -1390,6 +1410,13 @@ spec: description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. type: object x-kubernetes-preserve-unknown-fields: true + auth: + description: Auth provides the relevant information for OIDC authentication. + type: object + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string ceAttributes: description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. type: array @@ -1436,6 +1463,14 @@ spec: sinkUri: description: SinkURI is the current active sink URI that has been configured for the Source. type: string + sinkCACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + namespaces: + description: Namespaces show the namespaces currently watched by the ApiServerSource + type: array + items: + type: string additionalPrinterColumns: - name: Sink type: string @@ -1479,10 +1514,9 @@ kind: CustomResourceDefinition metadata: name: brokers.eventing.knative.dev labels: - eventing.knative.dev/release: "v1.8.2" knative.dev/crd-install: "true" duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: group: eventing.knative.dev @@ -1550,6 +1584,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string retry: description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. type: integer @@ -1563,8 +1603,28 @@ spec: description: Broker is Addressable. It exposes the endpoint as an URI to get events delivered into the Broker mesh. type: object properties: + name: + type: string url: type: string + CACerts: + type: string + audience: + type: string + addresses: + description: Broker is Addressable. It exposes the endpoints as URIs to get events delivered into the Broker mesh. + type: array + items: + type: object + properties: + name: + type: string + url: + type: string + CACerts: + type: string + audience: + type: string annotations: description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. type: object @@ -1599,6 +1659,9 @@ spec: deadLetterSinkUri: description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. type: string + deadLetterSinkCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string observedGeneration: description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. type: integer @@ -1616,6 +1679,10 @@ spec: - name: Reason type: string jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" + - name: Class + type: string + priority: 1 + jsonPath: '.metadata.annotations.eventing\.knative\.dev/broker\.class' names: kind: Broker plural: brokers @@ -1646,11 +1713,10 @@ kind: CustomResourceDefinition metadata: name: channels.messaging.knative.dev labels: - eventing.knative.dev/release: "v1.8.2" knative.dev/crd-install: "true" messaging.knative.dev/subscribable: "true" duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: group: messaging.knative.dev @@ -1729,6 +1795,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string retry: description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. type: integer @@ -1785,9 +1857,21 @@ spec: replyUri: description: ReplyURI is the endpoint for the reply type: string + replyCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string + replyAudience: + description: ReplyAudience is the OIDC audience for the replyUri. + type: string subscriberUri: description: SubscriberURI is the endpoint for the subscriber type: string + subscriberCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string + subscriberAudience: + description: SubscriberAudience is the OIDC audience for the subscriberUri. + type: string uid: description: UID is used to understand the origin of the subscriber. type: string @@ -1796,10 +1880,31 @@ spec: type: object properties: address: + description: Channel is Addressable. It exposes the endpoint as an URI to get events delivered into the Channel mesh. type: object properties: + name: + type: string url: type: string + CACerts: + type: string + audience: + type: string + addresses: + description: Channel is Addressable. It exposes the endpoints as URIs to get events delivered into the Channel mesh. + type: array + items: + type: object + properties: + name: + type: string + url: + type: string + CACerts: + type: string + audience: + type: string annotations: description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. type: object @@ -1866,6 +1971,9 @@ spec: deadLetterSinkUri: description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. type: string + deadLetterSinkCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string observedGeneration: description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. type: integer @@ -1889,6 +1997,13 @@ spec: uid: description: UID is used to understand the origin of the subscriber. type: string + auth: + description: Auth provides the relevant information for OIDC authentication. + type: object + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string names: kind: Channel plural: channels @@ -1921,11 +2036,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: - eventing.knative.dev/release: "v1.8.2" eventing.knative.dev/source: "true" duck.knative.dev/source: "true" knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing name: containersources.sources.knative.dev spec: @@ -1975,6 +2089,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string # WARNING: the schema tool can not parse PodTemplateSpec, stub here and redirect to Deployment documentation. template: type: object @@ -1987,6 +2107,13 @@ spec: description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. type: object x-kubernetes-preserve-unknown-fields: true + auth: + description: Auth provides the relevant information for OIDC authentication. + type: object + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string ceAttributes: description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. type: array @@ -2033,6 +2160,9 @@ spec: sinkUri: description: SinkURI is the current active sink URI that has been configured for the Source. type: string + sinkCACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string additionalPrinterColumns: - name: Sink type: string @@ -2075,14 +2205,14 @@ kind: CustomResourceDefinition metadata: name: eventtypes.eventing.knative.dev labels: - eventing.knative.dev/release: "v1.8.2" knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: group: eventing.knative.dev versions: - - name: v1beta1 + - &version + name: v1beta1 served: true storage: true subresources: @@ -2098,6 +2228,22 @@ spec: properties: broker: type: string + reference: + description: Reference Broker. For example + type: object + properties: + apiVersion: + description: API version of the referent. + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is an optional field, it gets defaulted to the object holding it if left out.' + type: string description: description: 'Description is an optional field used to describe the EventType, in any meaningful way.' type: string @@ -2162,19 +2308,26 @@ spec: - name: Schema type: string jsonPath: ".spec.schema" - - name: Broker + - name: Reference Name + type: string + jsonPath: ".spec.reference.name" + - name: Reference Kind type: string - jsonPath: ".spec.broker" + jsonPath: ".spec.reference.kind" - name: Description type: string jsonPath: ".spec.description" - # TODO remove Status https://github.com/knative/eventing/issues/2750 - name: Ready type: string jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - name: Reason type: string jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" + - !!merge <<: *version + name: v1beta2 + served: true + storage: false + # v1beta1 schema is identical to the v1beta2 schema names: kind: EventType plural: eventtypes @@ -2184,6 +2337,14 @@ spec: - knative - eventing scope: Namespaced + conversion: + strategy: Webhook + webhook: + conversionReviewVersions: ["v1", "v1beta1"] + clientConfig: + service: + name: eventing-webhook + namespace: knative-eventing --- # Copyright 2020 The Knative Authors @@ -2204,10 +2365,9 @@ kind: CustomResourceDefinition metadata: name: parallels.flows.knative.dev labels: - eventing.knative.dev/release: "v1.8.2" knative.dev/crd-install: "true" duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: group: flows.knative.dev @@ -2266,6 +2426,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string retry: description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. type: integer @@ -2310,14 +2476,42 @@ spec: type: object properties: address: + description: Parallel is Addressable. It exposes the endpoint as an URI to get events delivered into the Parallel. type: object properties: + name: + type: string url: type: string + CACerts: + type: string + audience: + type: string + addresses: + description: Parallel is Addressable. It exposes the endpoints as URIs to get events delivered into the Parallel. + type: array + items: + type: object + properties: + name: + type: string + url: + type: string + CACerts: + type: string + audience: + type: string annotations: description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. type: object x-kubernetes-preserve-unknown-fields: true + auth: + description: Auth provides the relevant information for OIDC authentication. + type: object + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string branchStatuses: description: BranchStatuses is an array of corresponding to branch statuses. Matches the Spec.Branches array in the order. type: array @@ -2459,17 +2653,19 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: - eventing.knative.dev/release: "v1.8.2" eventing.knative.dev/source: "true" duck.knative.dev/source: "true" knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing annotations: - # TODO add schemas and descriptions + # TODO add schema registry.knative.dev/eventTypes: | [ - { "type": "dev.knative.sources.ping" } + { + "type": "dev.knative.sources.ping", + "description": "CloudEvent type for fixed payloads on a specified cron schedule" + } ] name: pingsources.sources.knative.dev spec: @@ -2535,6 +2731,12 @@ spec: uri: description: 'URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.' type: string + CACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string timezone: description: 'Timezone modifies the actual time relative to the specified timezone. Defaults to the system time zone. More general information about time zones: https://www.iana.org/time-zones List of valid timezone values: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones' type: string @@ -2546,6 +2748,13 @@ spec: description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' type: object x-kubernetes-preserve-unknown-fields: true + auth: + description: Auth provides the relevant information for OIDC authentication. + type: object + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string ceAttributes: description: 'CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents.' type: array @@ -2592,6 +2801,9 @@ spec: sinkUri: description: 'SinkURI is the current active sink URI that has been configured for the Source.' type: string + sinkCACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string additionalPrinterColumns: - name: Sink type: string @@ -2650,10 +2862,9 @@ kind: CustomResourceDefinition metadata: name: sequences.flows.knative.dev labels: - eventing.knative.dev/release: "v1.8.2" knative.dev/crd-install: "true" duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: group: flows.knative.dev @@ -2748,6 +2959,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string retry: description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. type: integer @@ -2772,19 +2989,53 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string status: description: Status represents the current state of the Sequence. This data may be out of date. type: object properties: address: + description: Sequence is Addressable. It exposes the endpoint as an URI to get events delivered into the Sequence. type: object properties: + name: + type: string url: type: string + CACerts: + type: string + audience: + type: string + addresses: + description: Sequence is Addressable. It exposes the endpoints as URIs to get events delivered into the Sequence. + type: array + items: + type: object + properties: + name: + type: string + url: + type: string + CACerts: + type: string + audience: + type: string annotations: description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. type: object x-kubernetes-preserve-unknown-fields: true + auth: + description: Auth provides the relevant information for OIDC authentication. + type: object + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string channelStatuses: description: ChannelStatuses is an array of corresponding Channel statuses. Matches the Spec.Steps array in the order. type: array @@ -2970,12 +3221,11 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: - eventing.knative.dev/release: "v1.8.2" eventing.knative.dev/source: "true" duck.knative.dev/source: "true" duck.knative.dev/binding: "true" knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing name: sinkbindings.sources.knative.dev spec: @@ -3025,6 +3275,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string subject: description: Subject references the resource(s) whose "runtime contract" should be augmented by Binding implementations. type: object @@ -3073,6 +3329,13 @@ spec: description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. type: object x-kubernetes-preserve-unknown-fields: true + auth: + description: Auth provides the relevant information for OIDC authentication. + type: object + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string ceAttributes: description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. type: array @@ -3119,6 +3382,9 @@ spec: sinkUri: description: SinkURI is the current active sink URI that has been configured for the Source. type: string + sinkCACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string additionalPrinterColumns: - name: Sink type: string @@ -3162,9 +3428,8 @@ kind: CustomResourceDefinition metadata: name: subscriptions.messaging.knative.dev labels: - eventing.knative.dev/release: "v1.8.2" knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: group: messaging.knative.dev @@ -3229,6 +3494,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string retry: description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. type: integer @@ -3257,6 +3528,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string subscriber: description: Subscriber is reference to (optional) function for processing events. Events from the Channel will be delivered here and replies are sent to a Destination as specified by the Reply. type: object @@ -3281,6 +3558,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the subscription trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string status: type: object properties: @@ -3288,6 +3571,13 @@ spec: description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. type: object x-kubernetes-preserve-unknown-fields: true + auth: + description: Auth provides the relevant information for OIDC authentication. + type: object + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string conditions: description: Conditions the latest available observations of a resource's current state. type: array @@ -3326,12 +3616,27 @@ spec: deadLetterSinkUri: description: ReplyURI is the fully resolved URI for the spec.delivery.deadLetterSink. type: string + deadLetterSinkCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string replyUri: description: ReplyURI is the fully resolved URI for the spec.reply. type: string + replyCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string + replyAudience: + description: ReplyAudience is the OIDC audience for the replyUri. + type: string subscriberUri: description: SubscriberURI is the fully resolved URI for spec.subscriber. type: string + subscriberCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string + subscriberAudience: + description: SubscriberAudience is the OIDC audience for the subscriberUri. + type: string additionalPrinterColumns: - name: Age type: date @@ -3374,9 +3679,8 @@ kind: CustomResourceDefinition metadata: name: triggers.eventing.knative.dev labels: - eventing.knative.dev/release: "v1.8.2" knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: group: eventing.knative.dev @@ -3449,6 +3753,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string retry: description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. type: integer @@ -3484,6 +3794,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string status: description: Status represents the current state of the Trigger. This data may be out of date. type: object @@ -3492,6 +3808,13 @@ spec: description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. type: object x-kubernetes-preserve-unknown-fields: true + auth: + description: Auth provides the relevant information for OIDC authentication. + type: object + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string conditions: description: Conditions the latest available observations of a resource's current state. type: array @@ -3522,6 +3845,9 @@ spec: deadLetterSinkUri: description: DeadLetterSinkURI is the resolved URI of the dead letter sink for this Trigger, in case there is none this will fallback to it's Broker status DeadLetterSinkURI. type: string + deadLetterSinkCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string observedGeneration: description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. type: integer @@ -3529,6 +3855,9 @@ spec: subscriberUri: description: SubscriberURI is the resolved URI of the receiver for this Trigger. type: string + subscriberCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string names: kind: Trigger plural: triggers @@ -3560,8 +3889,7 @@ kind: ClusterRole metadata: name: addressable-resolver labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing aggregationRule: clusterRoleSelectors: @@ -3574,9 +3902,8 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: service-addressable-resolver labels: - eventing.knative.dev/release: "v1.8.2" duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing # Do not use this role directly. These rules will be added to the "addressable-resolver" role. rules: @@ -3594,9 +3921,8 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: serving-addressable-resolver labels: - eventing.knative.dev/release: "v1.8.2" duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing # Do not use this role directly. These rules will be added to the "addressable-resolver" role. rules: @@ -3617,9 +3943,8 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: channel-addressable-resolver labels: - eventing.knative.dev/release: "v1.8.2" duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing # Do not use this role directly. These rules will be added to the "addressable-resolver" role. rules: @@ -3644,9 +3969,8 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: broker-addressable-resolver labels: - eventing.knative.dev/release: "v1.8.2" duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing # Do not use this role directly. These rules will be added to the "addressable-resolver" role. rules: @@ -3665,9 +3989,8 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: flows-addressable-resolver labels: - eventing.knative.dev/release: "v1.8.2" duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing # Do not use this role directly. These rules will be added to the "addressable-resolver" role. rules: @@ -3703,8 +4026,7 @@ kind: ClusterRole metadata: name: eventing-broker-filter labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: - apiGroups: @@ -3730,8 +4052,7 @@ kind: ClusterRole metadata: name: eventing-broker-ingress labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: - apiGroups: @@ -3748,8 +4069,7 @@ kind: ClusterRole metadata: name: eventing-config-reader labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: - apiGroups: @@ -3782,8 +4102,7 @@ kind: ClusterRole metadata: name: channelable-manipulator labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing aggregationRule: clusterRoleSelectors: @@ -3796,9 +4115,8 @@ kind: ClusterRole metadata: name: meta-channelable-manipulator labels: - eventing.knative.dev/release: "v1.8.2" duck.knative.dev/channelable: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing # Do not use this role directly. These rules will be added to the "channelable-manipulator" role. rules: @@ -3836,9 +4154,8 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: knative-eventing-namespaced-admin labels: - eventing.knative.dev/release: "v1.8.2" rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: - apiGroups: ["eventing.knative.dev"] @@ -3850,9 +4167,8 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: knative-messaging-namespaced-admin labels: - eventing.knative.dev/release: "v1.8.2" rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: - apiGroups: ["messaging.knative.dev"] @@ -3864,9 +4180,8 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: knative-flows-namespaced-admin labels: - eventing.knative.dev/release: "v1.8.2" rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: - apiGroups: ["flows.knative.dev"] @@ -3878,9 +4193,8 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: knative-sources-namespaced-admin labels: - eventing.knative.dev/release: "v1.8.2" rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: - apiGroups: ["sources.knative.dev"] @@ -3892,9 +4206,8 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: knative-bindings-namespaced-admin labels: - eventing.knative.dev/release: "v1.8.2" rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: - apiGroups: ["bindings.knative.dev"] @@ -3907,8 +4220,7 @@ metadata: name: knative-eventing-namespaced-edit labels: rbac.authorization.k8s.io/aggregate-to-edit: "true" - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: - apiGroups: ["eventing.knative.dev", "messaging.knative.dev", "sources.knative.dev", "flows.knative.dev", "bindings.knative.dev"] @@ -3921,8 +4233,7 @@ metadata: name: knative-eventing-namespaced-view labels: rbac.authorization.k8s.io/aggregate-to-view: "true" - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: - apiGroups: ["eventing.knative.dev", "messaging.knative.dev", "sources.knative.dev", "flows.knative.dev", "bindings.knative.dev"] @@ -3949,8 +4260,7 @@ kind: ClusterRole metadata: name: knative-eventing-controller labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: - apiGroups: @@ -4085,8 +4395,7 @@ kind: ClusterRole metadata: name: knative-eventing-pingsource-mt-adapter labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: - apiGroups: @@ -4153,8 +4462,7 @@ kind: ClusterRole metadata: name: podspecable-binding labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing aggregationRule: clusterRoleSelectors: @@ -4167,9 +4475,8 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: builtin-podspecable-binding labels: - eventing.knative.dev/release: "v1.8.2" duck.knative.dev/podspecable: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing # Do not use this role directly. These rules will be added to the "podspecable-binding role. rules: @@ -4215,8 +4522,7 @@ kind: ClusterRole metadata: name: source-observer labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing aggregationRule: clusterRoleSelectors: @@ -4229,9 +4535,8 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: eventing-sources-source-observer labels: - eventing.knative.dev/release: "v1.8.2" duck.knative.dev/source: "true" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing # Do not use this role directly. These rules will be added to the "source-observer" role. rules: @@ -4267,8 +4572,7 @@ kind: ClusterRole metadata: name: knative-eventing-sources-controller labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: - apiGroups: @@ -4354,8 +4658,7 @@ kind: ClusterRole metadata: name: knative-eventing-webhook labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: # For watching logging configuration and getting certs. @@ -4427,6 +4730,23 @@ rules: resources: - "leases" verbs: *everything + # For creating events + - apiGroups: + - "" + - "events.k8s.io" + resources: + - "events" + verbs: + - "get" + - "list" + - "create" + - "patch" + # For the SinkBinding reconciler adding the OIDC identity service accounts + - apiGroups: + - "" + resources: + - "serviceaccounts" + verbs: *everything # Necessary for conversion webhook. These are copied from the serving # TODO: Do we really need all these permissions? - apiGroups: ["apiextensions.k8s.io"] @@ -4454,8 +4774,7 @@ metadata: namespace: knative-eventing name: knative-eventing-webhook labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: # For manipulating certs into secrets. @@ -4491,8 +4810,7 @@ kind: ValidatingWebhookConfiguration metadata: name: config.webhook.eventing.knative.dev labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing webhooks: - admissionReviewVersions: ["v1", "v1beta1"] @@ -4505,8 +4823,6 @@ webhooks: name: config.webhook.eventing.knative.dev namespaceSelector: matchExpressions: - - key: eventing.knative.dev/release - operator: Exists timeoutSeconds: 10 --- @@ -4529,8 +4845,7 @@ kind: MutatingWebhookConfiguration metadata: name: webhook.eventing.knative.dev labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing webhooks: - admissionReviewVersions: ["v1", "v1beta1"] @@ -4563,8 +4878,7 @@ kind: ValidatingWebhookConfiguration metadata: name: validation.webhook.eventing.knative.dev labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing webhooks: - admissionReviewVersions: ["v1", "v1beta1"] @@ -4598,8 +4912,7 @@ metadata: name: eventing-webhook-certs namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing # The data is populated at install time. @@ -4623,8 +4936,7 @@ kind: MutatingWebhookConfiguration metadata: name: sinkbindings.webhook.sources.knative.dev labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing webhooks: - admissionReviewVersions: ["v1", "v1beta1"] diff --git a/cmd/operator/kodata/knative-eventing/1.12.0/3-eventing-tls-networking.yaml b/cmd/operator/kodata/knative-eventing/1.12.0/3-eventing-tls-networking.yaml new file mode 100644 index 0000000000..223fe89286 --- /dev/null +++ b/cmd/operator/kodata/knative-eventing/1.12.0/3-eventing-tls-networking.yaml @@ -0,0 +1,205 @@ +# Copyright 2023 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# This is the issuer that every Eventing component should use to issue their server's certs. +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: selfsigned-ca-issuer + namespace: knative-eventing +spec: + ca: + secretName: eventing-ca + +--- +# Copyright 2023 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# This is the root issuer to bootstrap the eventing CA. +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: selfsigned-issuer + namespace: knative-eventing +spec: + selfSigned: {} +--- +# This is the Eventing CA certificate. +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: selfsigned-ca + namespace: knative-eventing +spec: + secretName: eventing-ca + isCA: true + commonName: selfsigned-ca + privateKey: + algorithm: ECDSA + size: 256 + issuerRef: + name: selfsigned-issuer + kind: Issuer + group: cert-manager.io + +--- +# Copyright 2023 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: imc-dispatcher-server-tls + namespace: knative-eventing +spec: + # Secret names are always required. + secretName: imc-dispatcher-server-tls + secretTemplate: + labels: + app.kubernetes.io/component: imc-dispatcher + app.kubernetes.io/name: knative-eventing + # Use 0m0s so that we don't run into https://github.com/cert-manager/cert-manager/issues/6408 on the operator + duration: 2160h0m0s # 90d + renewBefore: 360h0m0s # 15d + subject: + organizations: + - local + privateKey: + algorithm: RSA + encoding: PKCS1 + size: 2048 + rotationPolicy: Always + dnsNames: + - imc-dispatcher.knative-eventing.svc.cluster.local + - imc-dispatcher.knative-eventing.svc + issuerRef: + name: selfsigned-ca-issuer + kind: Issuer + group: cert-manager.io + +--- +# Copyright 2023 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: mt-broker-filter-server-tls + namespace: knative-eventing +spec: + # Secret names are always required. + secretName: mt-broker-filter-server-tls + secretTemplate: + labels: + app.kubernetes.io/component: broker-filter + app.kubernetes.io/name: knative-eventing + # Use 0m0s so that we don't run into https://github.com/cert-manager/cert-manager/issues/6408 on the operator + duration: 2160h0m0s # 90d + renewBefore: 360h0m0s # 15d + subject: + organizations: + - local + privateKey: + algorithm: RSA + encoding: PKCS1 + size: 2048 + rotationPolicy: Always + dnsNames: + - broker-filter.knative-eventing.svc.cluster.local + - broker-filter.knative-eventing.svc + issuerRef: + name: selfsigned-ca-issuer + kind: Issuer + group: cert-manager.io + +--- +# Copyright 2023 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: mt-broker-ingress-server-tls + namespace: knative-eventing +spec: + # Secret names are always required. + secretName: mt-broker-ingress-server-tls + secretTemplate: + labels: + app.kubernetes.io/component: broker-ingress + app.kubernetes.io/name: knative-eventing + # Use 0m0s so that we don't run into https://github.com/cert-manager/cert-manager/issues/6408 on the operator + duration: 2160h0m0s # 90d + renewBefore: 360h0m0s # 15d + subject: + organizations: + - local + privateKey: + algorithm: RSA + encoding: PKCS1 + size: 2048 + rotationPolicy: Always + dnsNames: + - broker-ingress.knative-eventing.svc.cluster.local + - broker-ingress.knative-eventing.svc + issuerRef: + name: selfsigned-ca-issuer + kind: Issuer + group: cert-manager.io + +--- diff --git a/cmd/operator/kodata/knative-eventing/1.8.3/3-in-memory-channel.yaml b/cmd/operator/kodata/knative-eventing/1.12.0/4-in-memory-channel.yaml similarity index 87% rename from cmd/operator/kodata/knative-eventing/1.8.3/3-in-memory-channel.yaml rename to cmd/operator/kodata/knative-eventing/1.12.0/4-in-memory-channel.yaml index 439ba081bf..29f509ea23 100644 --- a/cmd/operator/kodata/knative-eventing/1.8.3/3-in-memory-channel.yaml +++ b/cmd/operator/kodata/knative-eventing/1.12.0/4-in-memory-channel.yaml @@ -18,8 +18,7 @@ metadata: name: imc-controller namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing --- apiVersion: rbac.authorization.k8s.io/v1 @@ -27,8 +26,7 @@ kind: ClusterRoleBinding metadata: name: imc-controller labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing subjects: - kind: ServiceAccount @@ -45,8 +43,7 @@ metadata: namespace: knative-eventing name: imc-controller labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing subjects: - kind: ServiceAccount @@ -62,8 +59,7 @@ kind: ClusterRoleBinding metadata: name: imc-controller-resolver labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing subjects: - kind: ServiceAccount @@ -95,8 +91,7 @@ metadata: name: imc-dispatcher namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing --- apiVersion: rbac.authorization.k8s.io/v1 @@ -104,8 +99,7 @@ kind: ClusterRoleBinding metadata: name: imc-dispatcher labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing subjects: - kind: ServiceAccount @@ -115,6 +109,35 @@ roleRef: kind: ClusterRole name: imc-dispatcher apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: imc-dispatcher-tls-role-binding + namespace: knative-eventing +subjects: + - kind: ServiceAccount + name: imc-dispatcher + apiGroup: "" +roleRef: + kind: Role + name: imc-dispatcher-tls-role + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: imc-dispatcher-tls-role + namespace: knative-eventing +rules: + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch --- # Copyright 2020 The Knative Authors @@ -137,9 +160,8 @@ metadata: name: config-imc-event-dispatcher namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.3" app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing data: MaxIdleConnections: "1000" @@ -166,10 +188,9 @@ metadata: name: config-observability namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.3" knative.dev/config-propagation: original knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing annotations: knative.dev/example-checksum: "f46cf09d" @@ -243,10 +264,9 @@ metadata: name: config-tracing namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.3" knative.dev/config-propagation: original knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing annotations: knative.dev/example-checksum: "0492ceb0" @@ -301,10 +321,9 @@ metadata: name: imc-controller namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.3" knative.dev/high-availability: "true" app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: selector: @@ -316,7 +335,7 @@ spec: labels: !!merge <<: *labels app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: affinity: @@ -331,7 +350,7 @@ spec: enableServiceLinks: false containers: - name: controller - image: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_controller@sha256:0da617dc432e41e271b12ac87aaf5ac3c6e8f3ec15cd686401c001aa43d8cd6f + image: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_controller@sha256:22b94a6356b270bf43e79816c06a82b209f44f67ec7e6d7e05d5ba4e20a9c134 env: - name: WEBHOOK_NAME value: inmemorychannel-webhook @@ -348,7 +367,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: DISPATCHER_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_dispatcher@sha256:83726b84a13913767551ab390f426b09e29359145e9b3e066f7a84923b1dd264 + value: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_dispatcher@sha256:7f3e9b74fed3ec1d8d5ed5e8dee852873eb19684bab9121a13317834ab5646da - name: POD_NAME valueFrom: fieldRef: @@ -389,9 +408,8 @@ kind: Service metadata: labels: app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing - eventing.knative.dev/release: "v1.8.3" name: inmemorychannel-webhook namespace: knative-eventing spec: @@ -429,11 +447,10 @@ metadata: name: imc-dispatcher namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.3" messaging.knative.dev/channel: in-memory-channel messaging.knative.dev/role: dispatcher app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: selector: @@ -444,6 +461,10 @@ spec: port: 80 protocol: TCP targetPort: 8080 + - name: https-dispatcher + port: 443 + protocol: TCP + targetPort: 8443 - name: http-metrics port: 9090 targetPort: 9090 @@ -469,10 +490,9 @@ metadata: name: imc-dispatcher namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.3" knative.dev/high-availability: "true" app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: selector: @@ -484,7 +504,7 @@ spec: labels: !!merge <<: *labels app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: affinity: @@ -499,7 +519,7 @@ spec: enableServiceLinks: false containers: - name: dispatcher - image: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_dispatcher@sha256:83726b84a13913767551ab390f426b09e29359145e9b3e066f7a84923b1dd264 + image: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_dispatcher@sha256:7f3e9b74fed3ec1d8d5ed5e8dee852873eb19684bab9121a13317834ab5646da readinessProbe: &probe failureThreshold: 3 httpGet: @@ -537,6 +557,9 @@ spec: - containerPort: 8080 name: http protocol: TCP + - containerPort: 8443 + name: https + protocol: TCP - containerPort: 9090 name: metrics securityContext: @@ -568,11 +591,10 @@ kind: CustomResourceDefinition metadata: name: inmemorychannels.messaging.knative.dev labels: - eventing.knative.dev/release: "v1.8.3" knative.dev/crd-install: "true" messaging.knative.dev/subscribable: "true" duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: group: messaging.knative.dev @@ -624,6 +646,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string retry: description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. type: integer @@ -668,6 +696,12 @@ spec: uri: description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. type: string + CACerts: + description: Certification Authority (CA) certificates in PEM format that the source trusts when sending events to the sink. + type: string + audience: + description: Audience is the OIDC audience. This only needs to be set if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. If the target is an Addressable and specifies an Audience, the target's Audience takes precedence. + type: string retry: description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. type: integer @@ -680,9 +714,21 @@ spec: replyUri: description: ReplyURI is the endpoint for the reply type: string + replyCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string + replyAudience: + description: ReplyAudience is the OIDC audience for the replyUri. + type: string subscriberUri: description: SubscriberURI is the endpoint for the subscriber type: string + subscriberCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string + subscriberAudience: + description: SubscriberAudience is the OIDC audience for the subscriberUri. + type: string uid: description: UID is used to understand the origin of the subscriber. type: string @@ -691,10 +737,31 @@ spec: type: object properties: address: + description: InMemoryChannel is Addressable. It exposes the endpoint as an URI to get events delivered into the channel mesh. type: object properties: + name: + type: string url: type: string + CACerts: + type: string + audience: + type: string + addresses: + description: InMemoryChannel is Addressable. It exposes the endpoints as URIs to get events delivered into the channel mesh. + type: array + items: + type: object + properties: + name: + type: string + url: + type: string + CACerts: + type: string + audience: + type: string annotations: description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. type: object @@ -745,6 +812,9 @@ spec: deadLetterSinkUri: description: DeadLetterSinkURI is the resolved URI of the dead letter ref if one is specified in the Spec.Delivery. type: string + deadLetterSinkCACerts: + description: Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string observedGeneration: description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. type: integer @@ -768,6 +838,13 @@ spec: uid: description: UID is used to understand the origin of the subscriber. type: string + auth: + description: Auth provides the relevant information for OIDC authentication. + type: object + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string additionalPrinterColumns: - name: URL type: string @@ -814,9 +891,8 @@ kind: ClusterRole metadata: name: imc-addressable-resolver labels: - eventing.knative.dev/release: "v1.8.3" duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing # Do not use this role directly. These rules will be added to the "addressable-resolver" role. rules: @@ -850,9 +926,8 @@ kind: ClusterRole metadata: name: imc-channelable-manipulator labels: - eventing.knative.dev/release: "v1.8.3" duck.knative.dev/channelable: "true" - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing # Do not use this role directly. These rules will be added to the "channelable-manipulator" role. rules: @@ -890,8 +965,7 @@ kind: ClusterRole metadata: name: imc-controller labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: - apiGroups: @@ -1029,8 +1103,7 @@ kind: ClusterRole metadata: name: imc-dispatcher labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: - apiGroups: @@ -1079,6 +1152,15 @@ rules: - create - update - patch + - apiGroups: + - eventing.knative.dev + resources: + - eventtypes + verbs: + - create + - get + - list + - watch --- # Copyright 2020 The Knative Authors @@ -1101,8 +1183,7 @@ metadata: namespace: knative-eventing name: knative-inmemorychannel-webhook labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: # For manipulating certs into secrets. @@ -1138,8 +1219,7 @@ kind: MutatingWebhookConfiguration metadata: name: inmemorychannel.eventing.knative.dev labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing webhooks: - admissionReviewVersions: ["v1"] @@ -1172,8 +1252,7 @@ kind: ValidatingWebhookConfiguration metadata: name: validation.inmemorychannel.eventing.knative.dev labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing webhooks: - admissionReviewVersions: ["v1"] @@ -1207,8 +1286,7 @@ metadata: name: inmemorychannel-webhook-certs namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing # The data is populated at install time. diff --git a/cmd/operator/kodata/knative-eventing/1.8.1/4-mt-channel-broker.yaml b/cmd/operator/kodata/knative-eventing/1.12.0/5-mt-channel-broker.yaml similarity index 79% rename from cmd/operator/kodata/knative-eventing/1.8.1/4-mt-channel-broker.yaml rename to cmd/operator/kodata/knative-eventing/1.12.0/5-mt-channel-broker.yaml index c8628d6680..207f0d8c1b 100644 --- a/cmd/operator/kodata/knative-eventing/1.8.1/4-mt-channel-broker.yaml +++ b/cmd/operator/kodata/knative-eventing/1.12.0/5-mt-channel-broker.yaml @@ -16,8 +16,7 @@ kind: ClusterRole metadata: name: knative-eventing-mt-channel-broker-controller labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: # Configs resources and status we care about. @@ -59,8 +58,7 @@ kind: ClusterRole metadata: name: knative-eventing-mt-broker-filter labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: - apiGroups: @@ -81,6 +79,36 @@ rules: - list - watch +--- +# Copyright 2023 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: mt-broker-filter + namespace: knative-eventing +rules: + - apiGroups: + - "" + resources: + - "secrets" + verbs: + - get + - list + - watch + --- # Copyright 2020 The Knative Authors # @@ -101,8 +129,7 @@ metadata: name: mt-broker-filter namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing --- @@ -124,10 +151,18 @@ kind: ClusterRole metadata: name: knative-eventing-mt-broker-ingress labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing rules: + - apiGroups: + - eventing.knative.dev + resources: + - eventtypes + verbs: + - create + - get + - list + - watch - apiGroups: - eventing.knative.dev resources: @@ -145,6 +180,35 @@ rules: - list - watch +--- +# Copyright 2023 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: mt-broker-ingress + namespace: knative-eventing +rules: + - apiGroups: + - "" + resources: + - "secrets" + verbs: + - get + - list + - watch + --- # Copyright 2020 The Knative Authors # @@ -165,8 +229,7 @@ metadata: name: mt-broker-ingress namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing --- @@ -189,8 +252,7 @@ kind: ClusterRoleBinding metadata: name: eventing-mt-channel-broker-controller labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing subjects: - kind: ServiceAccount @@ -221,8 +283,7 @@ kind: ClusterRoleBinding metadata: name: knative-eventing-mt-broker-filter labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing subjects: - kind: ServiceAccount @@ -233,6 +294,35 @@ roleRef: name: knative-eventing-mt-broker-filter apiGroup: rbac.authorization.k8s.io +--- +# Copyright 2023 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: mt-broker-filter + namespace: knative-eventing +subjects: + - kind: ServiceAccount + name: mt-broker-filter + namespace: knative-eventing +roleRef: + kind: Role + name: mt-broker-filter + apiGroup: rbac.authorization.k8s.io + --- # Copyright 2020 The Knative Authors # @@ -253,8 +343,7 @@ kind: ClusterRoleBinding metadata: name: knative-eventing-mt-broker-ingress labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing subjects: - kind: ServiceAccount @@ -265,6 +354,34 @@ roleRef: name: knative-eventing-mt-broker-ingress apiGroup: rbac.authorization.k8s.io +--- +# Copyright 2023 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: mt-broker-ingress + namespace: knative-eventing +subjects: + - kind: ServiceAccount + name: mt-broker-ingress + namespace: knative-eventing +roleRef: + kind: Role + name: mt-broker-ingress + apiGroup: rbac.authorization.k8s.io + --- # Copyright 2020 The Knative Authors # @@ -286,9 +403,8 @@ metadata: name: mt-broker-filter namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.1" app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: selector: @@ -298,9 +414,8 @@ spec: metadata: labels: eventing.knative.dev/brokerRole: filter - eventing.knative.dev/release: "v1.8.1" app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: serviceAccountName: mt-broker-filter @@ -308,7 +423,7 @@ spec: containers: - name: filter terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/filter@sha256:1155e66059a84b83d21e3360e03dcc28e933566e8a049c8882e75b541862b0cc + image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/filter@sha256:27a6bfe21fe0b304fd56ceb2e6f9d0ac506a98afe587bfdd1a2993b8d0461132 readinessProbe: &probe failureThreshold: 3 httpGet: @@ -329,6 +444,9 @@ spec: - containerPort: 8080 name: http protocol: TCP + - containerPort: 8443 + name: https + protocol: TCP - containerPort: 9092 name: metrics protocol: TCP @@ -358,6 +476,8 @@ spec: value: knative.dev/internal/eventing - name: FILTER_PORT value: "8080" + - name: FILTER_PORT_HTTPS + value: "8443" securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true @@ -373,9 +493,8 @@ kind: Service metadata: labels: eventing.knative.dev/brokerRole: filter - eventing.knative.dev/release: "v1.8.1" app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing name: broker-filter namespace: knative-eventing @@ -385,6 +504,10 @@ spec: port: 80 protocol: TCP targetPort: 8080 + - name: https + port: 443 + protocol: TCP + targetPort: 8443 - name: http-metrics port: 9092 protocol: TCP @@ -413,9 +536,8 @@ metadata: name: mt-broker-ingress namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.1" app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: selector: @@ -425,9 +547,8 @@ spec: metadata: labels: eventing.knative.dev/brokerRole: ingress - eventing.knative.dev/release: "v1.8.1" app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: serviceAccountName: mt-broker-ingress @@ -435,7 +556,7 @@ spec: containers: - name: ingress terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/ingress@sha256:5529e577c6262d78530531b26b3e940da5dec071304e9c639d00400f644463f8 + image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/ingress@sha256:10ef656d45c59304189294a0f60c8d0648b5722ca2c503fa03b1499e0a727758 readinessProbe: &probe failureThreshold: 3 httpGet: @@ -456,6 +577,9 @@ spec: - containerPort: 8080 name: http protocol: TCP + - containerPort: 8443 + name: https + protocol: TCP - containerPort: 9092 name: metrics protocol: TCP @@ -485,6 +609,8 @@ spec: value: knative.dev/internal/eventing - name: INGRESS_PORT value: "8080" + - name: INGRESS_PORT_HTTPS + value: "8443" securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true @@ -500,9 +626,8 @@ kind: Service metadata: labels: eventing.knative.dev/brokerRole: ingress - eventing.knative.dev/release: "v1.8.1" app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing name: broker-ingress namespace: knative-eventing @@ -512,6 +637,10 @@ spec: port: 80 protocol: TCP targetPort: 8080 + - name: https + port: 443 + protocol: TCP + targetPort: 8443 - name: http-metrics port: 9092 protocol: TCP @@ -540,9 +669,8 @@ metadata: name: mt-broker-controller namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.1" app.kubernetes.io/component: mt-broker-controller - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: selector: @@ -552,9 +680,8 @@ spec: metadata: labels: app: mt-broker-controller - eventing.knative.dev/release: "v1.8.1" app.kubernetes.io/component: broker-controller - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: # To avoid node becoming SPOF, spread our replicas to different nodes. @@ -572,7 +699,7 @@ spec: containers: - name: mt-broker-controller terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtchannel_broker@sha256:1f2783738c0ba4e8f72cbbdd4bf5cef8a1dd7bfa57d0297f288c64f853ed58ef + image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtchannel_broker@sha256:c0a6c410b37b9551b36be700c6a85d2419fb10341a6b1d0e78ece75aca5313d0 resources: requests: cpu: 100m @@ -628,9 +755,8 @@ metadata: name: broker-ingress-hpa namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.1" app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: scaleTargetRef: @@ -653,9 +779,8 @@ metadata: name: broker-filter-hpa namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.1" app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.1" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing spec: scaleTargetRef: diff --git a/cmd/operator/kodata/knative-eventing/1.8.0/5-eventing-post-install.yaml b/cmd/operator/kodata/knative-eventing/1.12.0/6-eventing-post-install.yaml similarity index 92% rename from cmd/operator/kodata/knative-eventing/1.8.0/5-eventing-post-install.yaml rename to cmd/operator/kodata/knative-eventing/1.12.0/6-eventing-post-install.yaml index ae26e802e3..6514aebfb4 100644 --- a/cmd/operator/kodata/knative-eventing/1.8.0/5-eventing-post-install.yaml +++ b/cmd/operator/kodata/knative-eventing/1.12.0/6-eventing-post-install.yaml @@ -17,9 +17,8 @@ kind: ClusterRole metadata: name: knative-eventing-post-install-job-role labels: - app.kubernetes.io/version: "1.8.0" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing - eventing.knative.dev/release: "v1.8.0" rules: # Storage version upgrader needs to be able to patch CRDs. - apiGroups: @@ -139,8 +138,7 @@ metadata: name: knative-eventing-post-install-job namespace: knative-eventing labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing --- apiVersion: rbac.authorization.k8s.io/v1 @@ -148,8 +146,7 @@ kind: ClusterRoleBinding metadata: name: knative-eventing-post-install-job-role-binding labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-eventing subjects: - kind: ServiceAccount @@ -184,8 +181,7 @@ metadata: app: "storage-version-migration-eventing" app.kubernetes.io/name: knative-eventing app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.0" - eventing.knative.dev/release: "v1.8.0" + app.kubernetes.io/version: "1.12.0" spec: ttlSecondsAfterFinished: 600 backoffLimit: 10 @@ -195,8 +191,7 @@ spec: app: "storage-version-migration-eventing" app.kubernetes.io/name: knative-eventing app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.0" - eventing.knative.dev/release: "v1.8.0" + app.kubernetes.io/version: "1.12.0" annotations: sidecar.istio.io/inject: "false" spec: @@ -204,7 +199,7 @@ spec: restartPolicy: OnFailure containers: - name: migrate - image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:59431cf8337532edcd9a4bcd030591866cc867f13bee875d81757c960a53668d + image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:4728878ecefec5b7f1e7745c36b3e092923a896f743365ab8a77d9790d108ffa args: - "apiserversources.sources.knative.dev" - "brokers.eventing.knative.dev" diff --git a/cmd/operator/kodata/knative-eventing/1.8.0/1-eventing-crds.yaml b/cmd/operator/kodata/knative-eventing/1.8.0/1-eventing-crds.yaml deleted file mode 100644 index bcd3cb90a7..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.0/1-eventing-crds.yaml +++ /dev/null @@ -1,2296 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - eventing.knative.dev/release: "v1.8.0" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.apiserver.resource.add" }, - { "type": "dev.knative.apiserver.resource.delete" }, - { "type": "dev.knative.apiserver.resource.update" }, - { "type": "dev.knative.apiserver.ref.add" }, - { "type": "dev.knative.apiserver.ref.delete" }, - { "type": "dev.knative.apiserver.ref.update" } - ] - name: apiserversources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ApiServerSource is an event source that brings Kubernetes API server events into Knative.' - type: object - properties: - spec: - type: object - required: - - resources - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - mode: - description: EventMode controls the format of the event. `Reference` sends a dataref event type for the resource under watch. `Resource` send the full resource lifecycle event. Defaults to `Reference` - type: string - owner: - description: ResourceOwner is an additional filter to only track resources that are owned by a specific resource type. If ResourceOwner matches Resources[n] then Resources[n] is allowed to pass the ResourceOwner filter. - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - resources: - description: Resource are the resources this source will track and send related lifecycle events from the Kubernetes ApiServer, with an optional label selector to help filter. - type: array - items: - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - selector: - description: 'LabelSelector filters this source to objects to those resources pass the label selector. More info: http://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount to use to run this source. Defaults to default if not set. - type: string - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - categories: - - all - - knative - - sources - kind: ApiServerSource - plural: apiserversources - singular: apiserversource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: brokers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Broker collects a pool of events that are consumable using Triggers. Brokers provide a well-known endpoint for event delivery that senders can use with minimal knowledge of the event routing strategy. Subscribers use Triggers to request delivery of events from a Broker''s pool to a specific URL or Addressable endpoint.' - type: object - properties: - spec: - description: Spec defines the desired state of the Broker. - type: object - properties: - config: - description: Config is a KReference to the configuration that specifies configuration options for this Broker. For example, this could be a pointer to a ConfigMap. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - delivery: - description: Delivery contains the delivery spec for each trigger to this Broker. Each trigger delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - status: - description: Status represents the current state of the Broker. This data may be out of date. - type: object - properties: - address: - description: Broker is Addressable. It exposes the endpoint as an URI to get events delivered into the Broker mesh. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Broker - plural: brokers - singular: broker - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: channels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Channel represents a generic Channel. It is normally used when we want a Channel, but do not need a specific Channel implementation.' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use to create the CRD Channel backing this Channel. This is immutable after creation. Normally this is set by the Channel defaulter, not directly by the user. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channel: - description: Channel is an KReference to the Channel CRD backing this Channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - names: - kind: Channel - plural: channels - singular: channel - categories: - - all - - knative - - messaging - - channel - shortNames: - - ch - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.0" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - name: containersources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ContainerSource is an event source that starts a container image which generates events under certain situations and sends messages to a sink URI' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - # WARNING: the schema tool can not parse PodTemplateSpec, stub here and redirect to Deployment documentation. - template: - type: object - x-kubernetes-preserve-unknown-fields: true - description: 'A template in the shape of `Deployment.spec.template` to be used for this ContainerSource. More info: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/' - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - kind: ContainerSource - plural: containersources - singular: containersource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventtypes.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'EventType represents a type of event that can be consumed from a Broker.' - properties: - spec: - description: 'Spec defines the desired state of the EventType.' - type: object - properties: - broker: - type: string - description: - description: 'Description is an optional field used to describe the EventType, in any meaningful way.' - type: string - schema: - description: 'Schema is a URI, it represents the CloudEvents schemaurl extension attribute. It may be a JSON schema, a protobuf schema, etc. It is optional.' - type: string - schemaData: - description: 'SchemaData allows the CloudEvents schema to be stored directly in the EventType. Content is dependent on the encoding. Optional attribute. The contents are not validated or manipulated by the system.' - type: string - source: - description: 'Source is a URI, it represents the CloudEvents source.' - type: string - type: - description: 'Type represents the CloudEvents type. It is authoritative.' - type: string - status: - description: 'Status represents the current state of the EventType. This data may be out of date.' - type: object - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the ''Generation'' of the Service that was last processed by the controller.' - type: integer - format: int64 - additionalPrinterColumns: - - name: Type - type: string - jsonPath: ".spec.type" - - name: Source - type: string - jsonPath: ".spec.source" - - name: Schema - type: string - jsonPath: ".spec.schema" - - name: Broker - type: string - jsonPath: ".spec.broker" - - name: Description - type: string - jsonPath: ".spec.description" - # TODO remove Status https://github.com/knative/eventing/issues/2750 - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: EventType - plural: eventtypes - singular: eventtype - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: parallels.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Parallel defines conditional branches that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Parallel. - type: object - properties: - branches: - description: Branches is the list of Filter/Subscribers pairs. - type: array - items: - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: &addressableProperties - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - filter: - description: Filter is the expression guarding the branch - type: object - properties: - !!merge <<: *addressableProperties - reply: - description: Reply is a Reference to where the result of Subscriber of this case gets sent to. If not specified, sent the result to the Parallel Reply - type: object - properties: - !!merge <<: *addressableProperties - subscriber: - description: Subscriber receiving the event when the filter passes - type: object - properties: - !!merge <<: *addressableProperties - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of a case Subscriber gets sent to when the case does not have a Reply - type: object - properties: - !!merge <<: *addressableProperties - status: - description: Status represents the current state of the Parallel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - branchStatuses: - description: BranchStatuses is an array of corresponding to branch statuses. Matches the Spec.Branches array in the order. - type: array - items: - type: object - properties: - filterChannelStatus: - description: FilterChannelStatus corresponds to the filter channel status. - type: object - properties: &channelProperties - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: &referentProperties - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: &readyConditionProperties - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - filterSubscriptionStatus: - description: FilterSubscriptionStatus corresponds to the filter subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - subscriberSubscriptionStatus: - description: SubscriptionStatus corresponds to the subscriber subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - properties: - !!merge <<: *readyConditionProperties - ingressChannelStatus: - description: IngressChannelStatus corresponds to the ingress channel status. - type: object - properties: - !!merge <<: *channelProperties - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Parallel - plural: parallels - singular: parallel - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.0" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.sources.ping" } - ] - name: pingsources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - &version - name: v1beta2 - served: true - storage: false - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'PingSource describes an event source with a fixed payload produced on a specified cron schedule.' - properties: - spec: - type: object - description: 'PingSourceSpec defines the desired state of the PingSource (from the client).' - properties: - ceOverrides: - description: 'CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink.' - type: object - properties: - extensions: - description: 'Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently.' - type: object - additionalProperties: - type: string - x-kubernetes-preserve-unknown-fields: true - contentType: - description: 'ContentType is the media type of `data` or `dataBase64`. Default is empty.' - type: string - data: - description: 'Data is data used as the body of the event posted to the sink. Default is empty. Mutually exclusive with `dataBase64`.' - type: string - dataBase64: - description: "DataBase64 is the base64-encoded string of the actual event's body posted to the sink. Default is empty. Mutually exclusive with `data`." - type: string - schedule: - description: 'Schedule is the cron schedule. Defaults to `* * * * *`.' - type: string - sink: - description: 'Sink is a reference to an object that will resolve to a uri to use as the sink.' - type: object - properties: - ref: - description: 'Ref points to an Addressable.' - type: object - properties: - apiVersion: - description: 'API version of the referent.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: 'URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.' - type: string - timezone: - description: 'Timezone modifies the actual time relative to the specified timezone. Defaults to the system time zone. More general information about time zones: https://www.iana.org/time-zones List of valid timezone values: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones' - type: string - status: - type: object - description: 'PingSourceStatus defines the observed state of PingSource (from the controller).' - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: 'CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents.' - type: array - items: - type: object - properties: - source: - description: 'Source is the CloudEvents source attribute.' - type: string - type: - description: 'Type refers to the CloudEvent type attribute.' - type: string - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the "Generation" of the Service that was last processed by the controller.' - type: integer - format: int64 - sinkUri: - description: 'SinkURI is the current active sink URI that has been configured for the Source.' - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: .status.sinkUri - - name: Schedule - type: string - jsonPath: .spec.schedule - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - !!merge <<: *version - name: v1 - served: true - storage: true - # v1 schema is identical to the v1beta2 schema - names: - categories: - - all - - knative - - sources - kind: PingSource - plural: pingsources - singular: pingsource - scope: Namespaced - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sequences.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Sequence defines a sequence of Subscribers that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Sequence. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of the last Subscriber gets sent to. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - steps: - description: Steps is the list of Destinations (processors / functions) that will be called in the order provided. Each step has its own delivery options - type: array - items: - type: object - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Sequence. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channelStatuses: - description: ChannelStatuses is an array of corresponding Channel statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriptionStatuses: - description: SubscriptionStatuses is an array of corresponding Subscription statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Sequence - plural: sequences - singular: sequence - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.0" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - duck.knative.dev/binding: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - name: sinkbindings.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'SinkBinding describes a Binding that is also a Source. The `sink` (from the Source duck) is resolved to a URL and then projected into the `subject` by augmenting the runtime contract of the referenced containers to have a `K_SINK` environment variable holding the endpoint to which to send cloud events.' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subject: - description: Subject references the resource(s) whose "runtime contract" should be augmented by Binding implementations. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. Mutually exclusive with Selector. - type: string - namespace: - description: Namespace of the referent. - type: string - selector: - description: Selector of the referents. Mutually exclusive with Name. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - - bindings - kind: SinkBinding - plural: sinkbindings - singular: sinkbinding - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: subscriptions.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Subscription routes events received on a Channel to a DNS name and corresponds to the subscriptions.channels.knative.dev CRD.' - type: object - properties: - spec: - type: object - properties: - channel: - description: 'Reference to a channel that will be used to create the subscription. You can specify only the following fields of the KReference: kind, apiVersion and name. The resource pointed by this KReference must meet the contract to the ChannelableSpec duck type. If the resource does not meet this contract it will be reflected in the Subscription''s status. This field is immutable. We have no good answer on what happens to the events that are currently in the channel being consumed from and what the semantics there should be. For now, you can always delete the Subscription and recreate it to point to a different channel, giving the user more control over what semantics should be used (drain the channel first, possibly have events dropped, etc.)' - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - delivery: - description: Delivery configuration - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - reply: - description: Reply specifies (optionally) how to handle events returned from the Subscriber target. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subscriber: - description: Subscriber is reference to (optional) function for processing events. Events from the Channel will be delivered here and replies are sent to a Destination as specified by the Reply. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - physicalSubscription: - description: PhysicalSubscription is the fully resolved values that this Subscription represents. - type: object - properties: - deadLetterSinkUri: - description: ReplyURI is the fully resolved URI for the spec.delivery.deadLetterSink. - type: string - replyUri: - description: ReplyURI is the fully resolved URI for the spec.reply. - type: string - subscriberUri: - description: SubscriberURI is the fully resolved URI for spec.subscriber. - type: string - additionalPrinterColumns: - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Subscription - plural: subscriptions - singular: subscription - categories: - - all - - knative - - messaging - shortNames: - - sub - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: triggers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Broker - type: string - jsonPath: .spec.broker - - name: Subscriber_URI - type: string - jsonPath: .status.subscriberUri - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Trigger represents a request to have events delivered to a subscriber from a Broker''s event pool.' - type: object - properties: - spec: - description: Spec defines the desired state of the Trigger. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - broker: - description: Broker is the broker that this trigger receives events from. - type: string - delivery: - description: Delivery contains the delivery spec for this specific trigger. - type: object - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - filter: - description: 'Filter is the filter to apply against all events from the Broker. Only events that pass this filter will be sent to the Subscriber. If not specified, will default to allowing all events. ' - type: object - properties: - attributes: - description: 'Attributes filters events by exact match on event context attributes. Each key in the map is compared with the equivalent key in the event context. An event passes the filter if all values are equal to the specified values. Nested context attributes are not supported as keys. Only string values are supported. ' - type: object - x-kubernetes-preserve-unknown-fields: true - subscriber: - description: Subscriber is the addressable that receives events from the Broker that pass the Filter. It is required. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Trigger. This data may be out of date. - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink for this Trigger, in case there is none this will fallback to it's Broker status DeadLetterSinkURI. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriberUri: - description: SubscriberURI is the resolved URI of the receiver for this Trigger. - type: string - names: - kind: Trigger - plural: triggers - singular: trigger - categories: - - all - - knative - - eventing - scope: Namespaced - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.0/2-eventing-core.yaml b/cmd/operator/kodata/knative-eventing/1.8.0/2-eventing-core.yaml deleted file mode 100644 index ec00be6563..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.0/2-eventing-core.yaml +++ /dev/null @@ -1,4640 +0,0 @@ -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: Namespace -metadata: - name: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: eventing-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-resolver - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-source-observer - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: source-observer - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-sources-controller - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-sources-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-manipulator - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: channelable-manipulator - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: pingsource-mt-adapter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-pingsource-mt-adapter - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: pingsource-mt-adapter - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-pingsource-mt-adapter - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - namespace: knative-eventing - name: eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: Role - name: knative-eventing-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook-resolver - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook-podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: podspecable-binding - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-br-default-channel - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -data: - channel-template-spec: | - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-br-defaults - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -data: - # Configures the default for any Broker that does not specify a spec.config or Broker class. - default-br-config: | - clusterDefault: - brokerClass: MTChannelBasedBroker - apiVersion: v1 - kind: ConfigMap - name: config-br-default-channel - namespace: knative-eventing - delivery: - retry: 10 - backoffPolicy: exponential - backoffDelay: PT0.2S - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: default-ch-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -data: - # Configuration for defaulting channels that do not specify CRD implementations. - default-ch-config: | - clusterDefault: - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - namespaceDefaults: - some-namespace: - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-ping-defaults - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - annotations: - knative.dev/example-checksum: "9185c153" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Max number of bytes allowed to be sent for message excluding any - # base64 decoding. Default is no limit set for data - data-max-size: -1 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-features - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -data: - # ALPHA feature: The kreference-group allows you to use the Group field in KReferences. - # For more details: https://github.com/knative/eventing/issues/5086 - kreference-group: "disabled" - # ALPHA feature: The delivery-retryafter allows you to use the RetryAfter field in DeliverySpec. - # For more details: https://github.com/knative/eventing/issues/5811 - delivery-retryafter: "disabled" - # BETA feature: The delivery-timeout allows you to use the Timeout field in DeliverySpec. - # For more details: https://github.com/knative/eventing/issues/5148 - delivery-timeout: "enabled" - # ALPHA feature: The kreference-mapping allows you to map kreference onto templated URI - # For more details: https://github.com/knative/eventing/issues/5593 - kreference-mapping: "disabled" - # BETA feature: The subscriber-strict flag force subscriptions to define a subscriber - # For more details: https://github.com/knative/eventing/issues/5756 - strict-subscriber: "enabled" - # ALPHA feature: The new-trigger-filters flag allows you to use the new `filters` field - # in Trigger objects with its rich filtering capabilities. - # For more details: https://github.com/knative/eventing/issues/5204 - new-trigger-filters: "disabled" - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-kreference-mapping - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - annotations: - knative.dev/example-checksum: "7375dbe1" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - - # this is an example of mapping from pod to addressable-pod service - # the data key must be of the form "kind.version.group" - # the data value must be a valid URL. Valid template data are: - # - Name: reference name - # - Namespace: reference namespace - # - SystemNamespace: knative namespace - # - UID: reference UID - # - # Pod.v1: https://addressable-pod.{{ .SystemNamespace }}.svc.cluster.local/{{ .Name }} - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-leader-election - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f7948630" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # lease-duration is how long non-leaders will wait to try to acquire the - # lock; 15 seconds is the value used by core kubernetes controllers. - lease-duration: "15s" - - # renew-deadline is how long a leader will try to renew the lease before - # giving up; 10 seconds is the value used by core kubernetes controllers. - renew-deadline: "10s" - - # retry-period is how long the leader election client waits between tries of - # actions; 2 seconds is the value used by core kubernetes controllers. - retry-period: "2s" - - # buckets is the number of buckets used to partition key space of each - # Reconciler. If this number is M and the replica number of the controller - # is N, the N replicas will compete for the M buckets. The owner of a - # bucket will take care of the reconciling for the keys partitioned into - # that bucket. - buckets: "1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-logging - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -data: - # Common configuration for all Knative codebase - zap-logger-config: | - { - "level": "info", - "development": false, - "outputPaths": ["stdout"], - "errorOutputPaths": ["stderr"], - "encoding": "json", - "encoderConfig": { - "timeKey": "ts", - "levelKey": "level", - "nameKey": "logger", - "callerKey": "caller", - "messageKey": "msg", - "stacktraceKey": "stacktrace", - "lineEnding": "", - "levelEncoder": "", - "timeEncoder": "iso8601", - "durationEncoder": "", - "callerEncoder": "" - } - } - # Log level overrides - # For all components changes are be picked up immediately. - loglevel.controller: "info" - loglevel.webhook: "info" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f46cf09d" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or stackdriver. - # Note: Using stackdriver will incur additional charges - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. If non-empty, it enables queue proxy to send request metrics. - # Currently supported values: prometheus, stackdriver. - metrics.request-metrics-backend-destination: prometheus - - # metrics.stackdriver-project-id field specifies the stackdriver project ID. This - # field is optional. When running on GCE, application default credentials will be - # used if this field is not provided. - metrics.stackdriver-project-id: "" - - # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to - # Stackdriver using "global" resource type and custom metric type if the - # metrics are not supported by "knative_broker", "knative_trigger", and "knative_source" resource types. - # Setting this flag to "true" could cause extra Stackdriver charge. - # If metrics.backend-destination is not Stackdriver, this is ignored. - metrics.allow-stackdriver-custom-metrics: "false" - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Eventing pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - - # sink-event-error-reporting.enable whether the adapter reports a kube event to the CRD indicating - # a failure to send a cloud event to the sink. - sink-event-error-reporting.enable: "false" - ---- -# Copyright 2022 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-sugar - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "62dfac6f" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # namespace-selector specifies a LabelSelector which - # determines which namespaces the Sugar Controller should operate upon - # Use an empty value to disable the feature (this is the default): - namespace-selector: "" - - # Use an empty object as a string to enable for all namespaces - namespace-selector: "{}" - - # trigger-selector specifies a LabelSelector which - # determines which triggers the Sugar Controller should operate upon - # Use an empty value to disable the feature (this is the default): - trigger-selector: "" - - # Use an empty object as string to enable for all triggers - trigger-selector: "{}" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "0492ceb0" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none". the default is "none" - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: eventing-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/high-availability: "true" - app.kubernetes.io/component: eventing-controller - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - app: eventing-controller - template: - metadata: - labels: - app: eventing-controller - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/component: eventing-controller - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: eventing-controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-controller - enableServiceLinks: false - containers: - - name: eventing-controller - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/controller@sha256:cbc452f35842cc8a78240642adc1ebb11a4c4d7c143c8277edb49012f6cfc5d3 - resources: - requests: - cpu: 100m - memory: 100Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/eventing - # APIServerSource - - name: APISERVER_RA_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing/cmd/apiserver_receive_adapter@sha256:594434cd4b40461729fc66891eee11212d87b9eedef3e750e42f27ed694a8870 - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - ## Adapter settings - # - name: K_LOGGING_CONFIG - # value: '' - # - name: K_LEADER_ELECTION_CONFIG - # value: '' - # - name: K_NO_SHUTDOWN_AFTER - # value: '' - ## Time in seconds the adapter will wait for the sink to respond. Default is no timeout - # - name: K_SINK_TIMEOUT - # value: '' - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - livenessProbe: - httpGet: - path: /health - port: probes - scheme: HTTP - initialDelaySeconds: 20 - periodSeconds: 10 - timeoutSeconds: 5 - readinessProbe: - httpGet: - path: /readiness - port: probes - scheme: HTTP - initialDelaySeconds: 20 - periodSeconds: 10 - timeoutSeconds: 5 - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: probes - containerPort: 8080 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: pingsource-mt-adapter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/component: pingsource-mt-adapter - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - # when set to 0 (and only 0) will be set to 1 when the first PingSource is created. - replicas: 0 - selector: - matchLabels: &labels - eventing.knative.dev/source: ping-source-controller - sources.knative.dev/role: adapter - template: - metadata: - labels: - !!merge <<: *labels - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/component: pingsource-mt-adapter - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - enableServiceLinks: false - containers: - - name: dispatcher - image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtping@sha256:bc200a12cbad35bea51aabe800a365f28a5bd1dd65b3934b3db2e7e22df37efd - env: - - name: SYSTEM_NAMESPACE - value: '' - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: NAMESPACE - value: '' - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - # DO NOT MODIFY: The values below are being filled by the ping source controller - # See 500-controller.yaml - - name: K_METRICS_CONFIG - value: '' - - name: K_LOGGING_CONFIG - value: '' - - name: K_LEADER_ELECTION_CONFIG - value: '' - - name: K_NO_SHUTDOWN_AFTER - value: '' - - name: K_SINK_TIMEOUT - value: '-1' - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - ports: - - containerPort: 9090 - name: metrics - protocol: TCP - resources: - requests: - cpu: 125m - memory: 64Mi - limits: - cpu: 1000m - memory: 2048Mi - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - serviceAccountName: pingsource-mt-adapter - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: eventing-webhook - minReplicas: 1 - maxReplicas: 5 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 100 ---- -# Webhook PDB. -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - minAvailable: 80% - selector: - matchLabels: - app: eventing-webhook - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - app: eventing-webhook - role: eventing-webhook - template: - metadata: - labels: - !!merge <<: *labels - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: eventing-webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-webhook - enableServiceLinks: false - containers: - - name: eventing-webhook - terminationMessagePolicy: FallbackToLogsOnError - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/eventing/cmd/webhook@sha256:c9c582f530155d22c01b43957ae0dba549b1cc903f77ec6cc1acb9ae9085be62 - resources: - requests: - # taken from serving. - cpu: 100m - memory: 50Mi - limits: - # taken from serving. - cpu: 200m - memory: 200Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: METRICS_DOMAIN - value: knative.dev/eventing - - name: WEBHOOK_NAME - value: eventing-webhook - - name: WEBHOOK_PORT - value: "8443" - # SINK_BINDING_SELECTION_MODE specifies the NamespaceSelector and ObjectSelector - # for the sinkbinding webhook. - # If `inclusion` is selected, namespaces/objects labelled as `bindings.knative.dev/include:true` - # will be considered by the sinkbinding webhook; - # If `exclusion` is selected, namespaces/objects labelled as `bindings.knative.dev/exclude:true` - # will NOT be considered by the sinkbinding webhook. - # The default is `exclusion`. - - name: SINK_BINDING_SELECTION_MODE - value: "exclusion" - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: https-webhook - containerPort: 8443 - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - readinessProbe: &probe - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 120 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/release: "v1.8.0" - role: eventing-webhook - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - name: eventing-webhook - namespace: knative-eventing -spec: - ports: - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: eventing-webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - eventing.knative.dev/release: "v1.8.0" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.apiserver.resource.add" }, - { "type": "dev.knative.apiserver.resource.delete" }, - { "type": "dev.knative.apiserver.resource.update" }, - { "type": "dev.knative.apiserver.ref.add" }, - { "type": "dev.knative.apiserver.ref.delete" }, - { "type": "dev.knative.apiserver.ref.update" } - ] - name: apiserversources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ApiServerSource is an event source that brings Kubernetes API server events into Knative.' - type: object - properties: - spec: - type: object - required: - - resources - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - mode: - description: EventMode controls the format of the event. `Reference` sends a dataref event type for the resource under watch. `Resource` send the full resource lifecycle event. Defaults to `Reference` - type: string - owner: - description: ResourceOwner is an additional filter to only track resources that are owned by a specific resource type. If ResourceOwner matches Resources[n] then Resources[n] is allowed to pass the ResourceOwner filter. - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - resources: - description: Resource are the resources this source will track and send related lifecycle events from the Kubernetes ApiServer, with an optional label selector to help filter. - type: array - items: - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - selector: - description: 'LabelSelector filters this source to objects to those resources pass the label selector. More info: http://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount to use to run this source. Defaults to default if not set. - type: string - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - categories: - - all - - knative - - sources - kind: ApiServerSource - plural: apiserversources - singular: apiserversource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: brokers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Broker collects a pool of events that are consumable using Triggers. Brokers provide a well-known endpoint for event delivery that senders can use with minimal knowledge of the event routing strategy. Subscribers use Triggers to request delivery of events from a Broker''s pool to a specific URL or Addressable endpoint.' - type: object - properties: - spec: - description: Spec defines the desired state of the Broker. - type: object - properties: - config: - description: Config is a KReference to the configuration that specifies configuration options for this Broker. For example, this could be a pointer to a ConfigMap. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - delivery: - description: Delivery contains the delivery spec for each trigger to this Broker. Each trigger delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - status: - description: Status represents the current state of the Broker. This data may be out of date. - type: object - properties: - address: - description: Broker is Addressable. It exposes the endpoint as an URI to get events delivered into the Broker mesh. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Broker - plural: brokers - singular: broker - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: channels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Channel represents a generic Channel. It is normally used when we want a Channel, but do not need a specific Channel implementation.' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use to create the CRD Channel backing this Channel. This is immutable after creation. Normally this is set by the Channel defaulter, not directly by the user. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channel: - description: Channel is an KReference to the Channel CRD backing this Channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - names: - kind: Channel - plural: channels - singular: channel - categories: - - all - - knative - - messaging - - channel - shortNames: - - ch - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.0" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - name: containersources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ContainerSource is an event source that starts a container image which generates events under certain situations and sends messages to a sink URI' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - # WARNING: the schema tool can not parse PodTemplateSpec, stub here and redirect to Deployment documentation. - template: - type: object - x-kubernetes-preserve-unknown-fields: true - description: 'A template in the shape of `Deployment.spec.template` to be used for this ContainerSource. More info: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/' - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - kind: ContainerSource - plural: containersources - singular: containersource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventtypes.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'EventType represents a type of event that can be consumed from a Broker.' - properties: - spec: - description: 'Spec defines the desired state of the EventType.' - type: object - properties: - broker: - type: string - description: - description: 'Description is an optional field used to describe the EventType, in any meaningful way.' - type: string - schema: - description: 'Schema is a URI, it represents the CloudEvents schemaurl extension attribute. It may be a JSON schema, a protobuf schema, etc. It is optional.' - type: string - schemaData: - description: 'SchemaData allows the CloudEvents schema to be stored directly in the EventType. Content is dependent on the encoding. Optional attribute. The contents are not validated or manipulated by the system.' - type: string - source: - description: 'Source is a URI, it represents the CloudEvents source.' - type: string - type: - description: 'Type represents the CloudEvents type. It is authoritative.' - type: string - status: - description: 'Status represents the current state of the EventType. This data may be out of date.' - type: object - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the ''Generation'' of the Service that was last processed by the controller.' - type: integer - format: int64 - additionalPrinterColumns: - - name: Type - type: string - jsonPath: ".spec.type" - - name: Source - type: string - jsonPath: ".spec.source" - - name: Schema - type: string - jsonPath: ".spec.schema" - - name: Broker - type: string - jsonPath: ".spec.broker" - - name: Description - type: string - jsonPath: ".spec.description" - # TODO remove Status https://github.com/knative/eventing/issues/2750 - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: EventType - plural: eventtypes - singular: eventtype - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: parallels.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Parallel defines conditional branches that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Parallel. - type: object - properties: - branches: - description: Branches is the list of Filter/Subscribers pairs. - type: array - items: - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: &addressableProperties - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - filter: - description: Filter is the expression guarding the branch - type: object - properties: - !!merge <<: *addressableProperties - reply: - description: Reply is a Reference to where the result of Subscriber of this case gets sent to. If not specified, sent the result to the Parallel Reply - type: object - properties: - !!merge <<: *addressableProperties - subscriber: - description: Subscriber receiving the event when the filter passes - type: object - properties: - !!merge <<: *addressableProperties - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of a case Subscriber gets sent to when the case does not have a Reply - type: object - properties: - !!merge <<: *addressableProperties - status: - description: Status represents the current state of the Parallel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - branchStatuses: - description: BranchStatuses is an array of corresponding to branch statuses. Matches the Spec.Branches array in the order. - type: array - items: - type: object - properties: - filterChannelStatus: - description: FilterChannelStatus corresponds to the filter channel status. - type: object - properties: &channelProperties - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: &referentProperties - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: &readyConditionProperties - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - filterSubscriptionStatus: - description: FilterSubscriptionStatus corresponds to the filter subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - subscriberSubscriptionStatus: - description: SubscriptionStatus corresponds to the subscriber subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - properties: - !!merge <<: *readyConditionProperties - ingressChannelStatus: - description: IngressChannelStatus corresponds to the ingress channel status. - type: object - properties: - !!merge <<: *channelProperties - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Parallel - plural: parallels - singular: parallel - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.0" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.sources.ping" } - ] - name: pingsources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - &version - name: v1beta2 - served: true - storage: false - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'PingSource describes an event source with a fixed payload produced on a specified cron schedule.' - properties: - spec: - type: object - description: 'PingSourceSpec defines the desired state of the PingSource (from the client).' - properties: - ceOverrides: - description: 'CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink.' - type: object - properties: - extensions: - description: 'Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently.' - type: object - additionalProperties: - type: string - x-kubernetes-preserve-unknown-fields: true - contentType: - description: 'ContentType is the media type of `data` or `dataBase64`. Default is empty.' - type: string - data: - description: 'Data is data used as the body of the event posted to the sink. Default is empty. Mutually exclusive with `dataBase64`.' - type: string - dataBase64: - description: "DataBase64 is the base64-encoded string of the actual event's body posted to the sink. Default is empty. Mutually exclusive with `data`." - type: string - schedule: - description: 'Schedule is the cron schedule. Defaults to `* * * * *`.' - type: string - sink: - description: 'Sink is a reference to an object that will resolve to a uri to use as the sink.' - type: object - properties: - ref: - description: 'Ref points to an Addressable.' - type: object - properties: - apiVersion: - description: 'API version of the referent.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: 'URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.' - type: string - timezone: - description: 'Timezone modifies the actual time relative to the specified timezone. Defaults to the system time zone. More general information about time zones: https://www.iana.org/time-zones List of valid timezone values: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones' - type: string - status: - type: object - description: 'PingSourceStatus defines the observed state of PingSource (from the controller).' - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: 'CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents.' - type: array - items: - type: object - properties: - source: - description: 'Source is the CloudEvents source attribute.' - type: string - type: - description: 'Type refers to the CloudEvent type attribute.' - type: string - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the "Generation" of the Service that was last processed by the controller.' - type: integer - format: int64 - sinkUri: - description: 'SinkURI is the current active sink URI that has been configured for the Source.' - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: .status.sinkUri - - name: Schedule - type: string - jsonPath: .spec.schedule - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - !!merge <<: *version - name: v1 - served: true - storage: true - # v1 schema is identical to the v1beta2 schema - names: - categories: - - all - - knative - - sources - kind: PingSource - plural: pingsources - singular: pingsource - scope: Namespaced - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sequences.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Sequence defines a sequence of Subscribers that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Sequence. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of the last Subscriber gets sent to. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - steps: - description: Steps is the list of Destinations (processors / functions) that will be called in the order provided. Each step has its own delivery options - type: array - items: - type: object - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Sequence. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channelStatuses: - description: ChannelStatuses is an array of corresponding Channel statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriptionStatuses: - description: SubscriptionStatuses is an array of corresponding Subscription statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Sequence - plural: sequences - singular: sequence - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.0" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - duck.knative.dev/binding: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - name: sinkbindings.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'SinkBinding describes a Binding that is also a Source. The `sink` (from the Source duck) is resolved to a URL and then projected into the `subject` by augmenting the runtime contract of the referenced containers to have a `K_SINK` environment variable holding the endpoint to which to send cloud events.' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subject: - description: Subject references the resource(s) whose "runtime contract" should be augmented by Binding implementations. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. Mutually exclusive with Selector. - type: string - namespace: - description: Namespace of the referent. - type: string - selector: - description: Selector of the referents. Mutually exclusive with Name. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - - bindings - kind: SinkBinding - plural: sinkbindings - singular: sinkbinding - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: subscriptions.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Subscription routes events received on a Channel to a DNS name and corresponds to the subscriptions.channels.knative.dev CRD.' - type: object - properties: - spec: - type: object - properties: - channel: - description: 'Reference to a channel that will be used to create the subscription. You can specify only the following fields of the KReference: kind, apiVersion and name. The resource pointed by this KReference must meet the contract to the ChannelableSpec duck type. If the resource does not meet this contract it will be reflected in the Subscription''s status. This field is immutable. We have no good answer on what happens to the events that are currently in the channel being consumed from and what the semantics there should be. For now, you can always delete the Subscription and recreate it to point to a different channel, giving the user more control over what semantics should be used (drain the channel first, possibly have events dropped, etc.)' - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - delivery: - description: Delivery configuration - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - reply: - description: Reply specifies (optionally) how to handle events returned from the Subscriber target. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subscriber: - description: Subscriber is reference to (optional) function for processing events. Events from the Channel will be delivered here and replies are sent to a Destination as specified by the Reply. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - physicalSubscription: - description: PhysicalSubscription is the fully resolved values that this Subscription represents. - type: object - properties: - deadLetterSinkUri: - description: ReplyURI is the fully resolved URI for the spec.delivery.deadLetterSink. - type: string - replyUri: - description: ReplyURI is the fully resolved URI for the spec.reply. - type: string - subscriberUri: - description: SubscriberURI is the fully resolved URI for spec.subscriber. - type: string - additionalPrinterColumns: - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Subscription - plural: subscriptions - singular: subscription - categories: - - all - - knative - - messaging - shortNames: - - sub - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: triggers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Broker - type: string - jsonPath: .spec.broker - - name: Subscriber_URI - type: string - jsonPath: .status.subscriberUri - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Trigger represents a request to have events delivered to a subscriber from a Broker''s event pool.' - type: object - properties: - spec: - description: Spec defines the desired state of the Trigger. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - broker: - description: Broker is the broker that this trigger receives events from. - type: string - delivery: - description: Delivery contains the delivery spec for this specific trigger. - type: object - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - filter: - description: 'Filter is the filter to apply against all events from the Broker. Only events that pass this filter will be sent to the Subscriber. If not specified, will default to allowing all events. ' - type: object - properties: - attributes: - description: 'Attributes filters events by exact match on event context attributes. Each key in the map is compared with the equivalent key in the event context. An event passes the filter if all values are equal to the specified values. Nested context attributes are not supported as keys. Only string values are supported. ' - type: object - x-kubernetes-preserve-unknown-fields: true - subscriber: - description: Subscriber is the addressable that receives events from the Broker that pass the Filter. It is required. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Trigger. This data may be out of date. - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink for this Trigger, in case there is none this will fallback to it's Broker status DeadLetterSinkURI. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriberUri: - description: SubscriberURI is the resolved URI of the receiver for this Trigger. - type: string - names: - kind: Trigger - plural: triggers - singular: trigger - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "Addressables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/addressable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: service-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.0" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: serving-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.0" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - serving.knative.dev - resources: - - routes - - routes/status - - services - - services/status - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: channel-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.0" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - channels - - channels/status - verbs: - - get - - list - - watch - - apiGroups: - - messaging.knative.dev - resources: - - channels/finalizers - verbs: - - update ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: broker-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.0" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - eventing.knative.dev - resources: - - brokers - - brokers/status - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: flows-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.0" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - flows.knative.dev - resources: - - sequences - - sequences/status - - parallels - - parallels/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-broker-filter - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - - apiGroups: - - "eventing.knative.dev" - resources: - - "triggers" - - "triggers/status" - verbs: - - "get" - - "list" - - "watch" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-config-reader - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need read and update permissions on "Channelables". -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/channelable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: meta-channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.0" - duck.knative.dev/channelable: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "channelable-manipulator" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - channels - - channels/status - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.0" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-messaging-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.0" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["messaging.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-flows-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.0" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["flows.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-sources-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.0" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["sources.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-bindings-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.0" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["bindings.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-edit - labels: - rbac.authorization.k8s.io/aggregate-to-edit: "true" - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev", "messaging.knative.dev", "sources.knative.dev", "flows.knative.dev", "bindings.knative.dev"] - resources: ["*"] - verbs: ["create", "update", "patch", "delete"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-view - labels: - rbac.authorization.k8s.io/aggregate-to-view: "true" - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev", "messaging.knative.dev", "sources.knative.dev", "flows.knative.dev", "bindings.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-controller - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "namespaces" - - "secrets" - - "configmaps" - - "services" - - "endpoints" - - "events" - - "serviceaccounts" - - "pods" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # Brokers and the namespace annotation controllers manipulate Deployments. - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: *everything - # PingSource controller manipulates Deployment owner reference - - apiGroups: - - "apps" - resources: - - "deployments/finalizers" - verbs: - - "update" - # The namespace annotation controller needs to manipulate RoleBindings. - - apiGroups: - - "rbac.authorization.k8s.io" - resources: - - "rolebindings" - verbs: *everything - # Our own resources and statuses we care about. - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers" - - "brokers/status" - - "triggers" - - "triggers/status" - - "eventtypes" - - "eventtypes/status" - verbs: *everything - # Eventing resources and finalizers we care about. - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers/finalizers" - - "triggers/finalizers" - verbs: - - "update" - # Our own resources and statuses we care about. - - apiGroups: - - "messaging.knative.dev" - resources: - - "sequences" - - "sequences/status" - - "channels" - - "channels/status" - - "parallels" - - "parallels/status" - - "subscriptions" - - "subscriptions/status" - verbs: *everything - # Flow resources and statuses we care about. - - apiGroups: - - "flows.knative.dev" - resources: - - "sequences" - - "sequences/status" - - "parallels" - - "parallels/status" - verbs: *everything - # Messaging resources and finalizers we care about. - - apiGroups: - - "messaging.knative.dev" - resources: - - "sequences/finalizers" - - "parallels/finalizers" - - "channels/finalizers" - verbs: - - "update" - # Flows resources and finalizers we care about. - - apiGroups: - - "flows.knative.dev" - resources: - - "sequences/finalizers" - - "parallels/finalizers" - verbs: - - "update" - # The subscription controller needs to retrieve and watch CustomResourceDefinitions. - - apiGroups: - - "apiextensions.k8s.io" - resources: - - "customresourcedefinitions" - verbs: - - "get" - - "list" - - "watch" - # For leader election - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: *everything - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-pingsource-mt-adapter - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - - apiGroups: - - sources.knative.dev - resources: - - pingsources - - pingsources/status - verbs: - - get - - list - - watch - - patch - - apiGroups: - - sources.knative.dev - resources: - - pingsources/finalizers - verbs: - - "patch" - - apiGroups: - - "" - resources: - - events - verbs: - - "create" - - "patch" - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "PodSpecables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/podspecable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: builtin-podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.0" - duck.knative.dev/podspecable: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "podspecable-binding role. -rules: - # To patch the subjects of our bindings - - apiGroups: - - "apps" - resources: - - "deployments" - - "daemonsets" - - "statefulsets" - - "replicasets" - verbs: - - "list" - - "watch" - - "patch" - - apiGroups: - - "batch" - resources: - - "jobs" - verbs: - - "list" - - "watch" - - "patch" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need to read "Sources". -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: source-observer - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/source: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: eventing-sources-source-observer - labels: - eventing.knative.dev/release: "v1.8.0" - duck.knative.dev/source: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "source-observer" role. -rules: - - apiGroups: - - sources.knative.dev - resources: - - apiserversources - - pingsources - - sinkbindings - - containersources - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-sources-controller - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "secrets" - - "configmaps" - - "services" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # Deployments admin - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: *everything - # Source resources and statuses we care about. - - apiGroups: - - "sources.knative.dev" - resources: - - "sinkbindings" - - "sinkbindings/status" - - "sinkbindings/finalizers" - - "apiserversources" - - "apiserversources/status" - - "apiserversources/finalizers" - - "pingsources" - - "pingsources/status" - - "pingsources/finalizers" - - "containersources" - - "containersources/status" - - "containersources/finalizers" - verbs: *everything - # Knative Services admin - - apiGroups: - - serving.knative.dev - resources: - - services - verbs: *everything - # EventTypes admin - - apiGroups: - - eventing.knative.dev - resources: - - eventtypes - verbs: *everything - # Events admin - - apiGroups: - - "" - resources: - - events - verbs: *everything - # Authorization checker - - apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - # For watching logging configuration and getting certs. - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - # finalizers are needed for the owner reference of the webhook - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - # For getting our Deployment so we can decorate with ownerref. - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: - - "get" - - apiGroups: - - "apps" - resources: - - "deployments/finalizers" - verbs: - - update - # For actually registering our webhook. - - apiGroups: - - "admissionregistration.k8s.io" - resources: - - "mutatingwebhookconfigurations" - - "validatingwebhookconfigurations" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # For running the SinkBinding reconciler. - - apiGroups: - - "sources.knative.dev" - resources: - - "sinkbindings" - - "sinkbindings/status" - - "sinkbindings/finalizers" - verbs: *everything - # For leader election - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: *everything - # Necessary for conversion webhook. These are copied from the serving - # TODO: Do we really need all these permissions? - - apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: knative-eventing - name: knative-eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "secrets" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: config.webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Ignore - name: config.webhook.eventing.knative.dev - namespaceSelector: - matchExpressions: - - key: eventing.knative.dev/release - operator: Exists - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: webhook.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: validation.webhook.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: eventing-webhook-certs - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -# The data is populated at install time. - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: sinkbindings.webhook.sources.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - failurePolicy: Fail - sideEffects: None - name: sinkbindings.webhook.sources.knative.dev - timeoutSeconds: 10 - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.0/3-in-memory-channel.yaml b/cmd/operator/kodata/knative-eventing/1.8.0/3-in-memory-channel.yaml deleted file mode 100644 index 69e73033e8..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.0/3-in-memory-channel.yaml +++ /dev/null @@ -1,1215 +0,0 @@ -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: imc-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: imc-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - namespace: knative-eventing - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: Role - name: knative-inmemorychannel-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-controller-resolver - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-dispatcher - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-dispatcher - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: imc-dispatcher - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-imc-event-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -data: - MaxIdleConnections: "1000" - MaxIdleConnectionsPerHost: "100" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f46cf09d" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or stackdriver. - # Note: Using stackdriver will incur additional charges - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. If non-empty, it enables queue proxy to send request metrics. - # Currently supported values: prometheus, stackdriver. - metrics.request-metrics-backend-destination: prometheus - - # metrics.stackdriver-project-id field specifies the stackdriver project ID. This - # field is optional. When running on GCE, application default credentials will be - # used if this field is not provided. - metrics.stackdriver-project-id: "" - - # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to - # Stackdriver using "global" resource type and custom metric type if the - # metrics are not supported by "knative_broker", "knative_trigger", and "knative_source" resource types. - # Setting this flag to "true" could cause extra Stackdriver charge. - # If metrics.backend-destination is not Stackdriver, this is ignored. - metrics.allow-stackdriver-custom-metrics: "false" - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Eventing pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - - # sink-event-error-reporting.enable whether the adapter reports a kube event to the CRD indicating - # a failure to send a cloud event to the sink. - sink-event-error-reporting.enable: "false" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "0492ceb0" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none". the default is "none" - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: imc-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/high-availability: "true" - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: controller - template: - metadata: - labels: - !!merge <<: *labels - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: imc-controller - enableServiceLinks: false - containers: - - name: controller - image: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_controller@sha256:3ced549336c7ccf3bb2adf23a558eb55bd1aec7be17837062d21c749dfce8ce5 - env: - - name: WEBHOOK_NAME - value: inmemorychannel-webhook - - name: WEBHOOK_PORT - value: "8443" - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/inmemorychannel-controller - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: DISPATCHER_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_dispatcher@sha256:e17bbdf951868359424cd0a0465da8ef44c66ba7111292444ce555c83e280f1a - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: &probe - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 120 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - eventing.knative.dev/release: "v1.8.0" - name: inmemorychannel-webhook - namespace: knative-eventing -spec: - ports: - - name: https-webhook - port: 443 - targetPort: 8443 - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - selector: - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: controller - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: Service -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - selector: - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - ports: - - name: http-dispatcher - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9090 - targetPort: 9090 - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/high-availability: "true" - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - template: - metadata: - labels: - !!merge <<: *labels - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: imc-dispatcher - enableServiceLinks: false - containers: - - name: dispatcher - image: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_dispatcher@sha256:e17bbdf951868359424cd0a0465da8ef44c66ba7111292444ce555c83e280f1a - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - env: - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/inmemorychannel-dispatcher - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: CONTAINER_NAME - value: dispatcher - - name: MAX_IDLE_CONNS - value: "1000" - - name: MAX_IDLE_CONNS_PER_HOST - value: "1000" - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9090 - name: metrics - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: inmemorychannels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'InMemoryChannel is a resource representing an in memory channel' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter ref if one is specified in the Spec.Delivery. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: InMemoryChannel - plural: inmemorychannels - singular: inmemorychannel - categories: - - all - - knative - - messaging - - channel - shortNames: - - imc - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.0" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.0" - duck.knative.dev/channelable: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "channelable-manipulator" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - - update - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - verbs: - - update - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - - inmemorychannels/status - - inmemorychannels - verbs: - - patch - - apiGroups: - - "" - resources: - - services - - serviceaccounts - verbs: &everything - - get - - list - - watch - - create - - update - - patch - - apiGroups: - - "" - resources: - - endpoints - verbs: - - get - - list - - watch - - apiGroups: - - "rbac.authorization.k8s.io" - resources: - - rolebindings - verbs: *everything - - apiGroups: - - apps - resources: - - deployments - verbs: *everything - - apiGroups: - - apps - resources: - - deployments/status - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: *everything - # For actually registering our webhook. - - apiGroups: - - "admissionregistration.k8s.io" - resources: - - "mutatingwebhookconfigurations" - - "validatingwebhookconfigurations" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - # finalizers are needed for the owner reference of the webhook - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-dispatcher - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - - apiGroups: - - "" # Core API group. - resources: - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - # Updates the finalizer so we can remove our handlers when channel is deleted - # Patches the status.subscribers to reflect when the subscription dataplane has been - # configured. - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - - inmemorychannels/status - - inmemorychannels - verbs: - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: knative-eventing - name: knative-inmemorychannel-webhook - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "secrets" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: inmemorychannel.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1"] - clientConfig: - service: - name: inmemorychannel-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: inmemorychannel.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.inmemorychannel.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1"] - clientConfig: - service: - name: inmemorychannel-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: validation.inmemorychannel.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: inmemorychannel-webhook-certs - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -# The data is populated at install time. - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.0/4-mt-channel-broker.yaml b/cmd/operator/kodata/knative-eventing/1.8.0/4-mt-channel-broker.yaml deleted file mode 100644 index 538890f61b..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.0/4-mt-channel-broker.yaml +++ /dev/null @@ -1,675 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-channel-broker-controller - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - # Configs resources and status we care about. - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-broker-filter - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - eventing.knative.dev - resources: - - triggers - - triggers/status - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - get - - list - - watch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mt-broker-filter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - eventing.knative.dev - resources: - - brokers - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - get - - list - - watch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mt-broker-ingress - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-mt-channel-broker-controller - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-channel-broker-controller - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-mt-broker-filter - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: mt-broker-filter - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-broker-filter - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-mt-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: mt-broker-ingress - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-broker-ingress - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-filter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - eventing.knative.dev/brokerRole: filter - template: - metadata: - labels: - eventing.knative.dev/brokerRole: filter - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - spec: - serviceAccountName: mt-broker-filter - enableServiceLinks: false - containers: - - name: filter - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/filter@sha256:33ea8a657b974d7bf3d94c0b601a4fc287c1fb33430b3dda028a1a189e3d9526 - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - resources: - requests: - cpu: 100m - memory: 100Mi - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9092 - name: metrics - protocol: TCP - terminationMessagePath: /dev/termination-log - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: CONTAINER_NAME - value: filter - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/internal/eventing - - name: FILTER_PORT - value: "8080" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/brokerRole: filter - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - name: broker-filter - namespace: knative-eventing -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9092 - protocol: TCP - targetPort: 9092 - selector: - eventing.knative.dev/brokerRole: filter - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-ingress - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - eventing.knative.dev/brokerRole: ingress - template: - metadata: - labels: - eventing.knative.dev/brokerRole: ingress - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - spec: - serviceAccountName: mt-broker-ingress - enableServiceLinks: false - containers: - - name: ingress - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/ingress@sha256:f4a9dfce9eec5272c90a19dbdf791fffc98bc5a6649ee85cb8a29bd5145635b1 - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - resources: - requests: - cpu: 100m - memory: 100Mi - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9092 - name: metrics - protocol: TCP - terminationMessagePath: /dev/termination-log - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: CONTAINER_NAME - value: ingress - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/internal/eventing - - name: INGRESS_PORT - value: "8080" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/brokerRole: ingress - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - name: broker-ingress - namespace: knative-eventing -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9092 - protocol: TCP - targetPort: 9092 - selector: - eventing.knative.dev/brokerRole: ingress - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/component: mt-broker-controller - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - app: mt-broker-controller - template: - metadata: - labels: - app: mt-broker-controller - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/component: broker-controller - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: mt-broker-controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-controller - enableServiceLinks: false - containers: - - name: mt-broker-controller - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtchannel_broker@sha256:c5d3664780b394f6d3e546eb94c972965fbd9357da5e442c66455db7ca94124c - resources: - requests: - cpu: 100m - memory: 100Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/eventing - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: broker-ingress-hpa - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: mt-broker-ingress - minReplicas: 1 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 ---- -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: broker-filter-hpa - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.0" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: mt-broker-filter - minReplicas: 1 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.1/2-eventing-core.yaml b/cmd/operator/kodata/knative-eventing/1.8.1/2-eventing-core.yaml deleted file mode 100644 index 67600537f8..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.1/2-eventing-core.yaml +++ /dev/null @@ -1,4640 +0,0 @@ -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: Namespace -metadata: - name: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: eventing-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-resolver - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-source-observer - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: source-observer - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-sources-controller - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-sources-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-manipulator - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: channelable-manipulator - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: pingsource-mt-adapter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-pingsource-mt-adapter - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: pingsource-mt-adapter - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-pingsource-mt-adapter - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - namespace: knative-eventing - name: eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: Role - name: knative-eventing-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook-resolver - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook-podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: podspecable-binding - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-br-default-channel - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -data: - channel-template-spec: | - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-br-defaults - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -data: - # Configures the default for any Broker that does not specify a spec.config or Broker class. - default-br-config: | - clusterDefault: - brokerClass: MTChannelBasedBroker - apiVersion: v1 - kind: ConfigMap - name: config-br-default-channel - namespace: knative-eventing - delivery: - retry: 10 - backoffPolicy: exponential - backoffDelay: PT0.2S - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: default-ch-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -data: - # Configuration for defaulting channels that do not specify CRD implementations. - default-ch-config: | - clusterDefault: - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - namespaceDefaults: - some-namespace: - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-ping-defaults - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - annotations: - knative.dev/example-checksum: "9185c153" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Max number of bytes allowed to be sent for message excluding any - # base64 decoding. Default is no limit set for data - data-max-size: -1 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-features - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -data: - # ALPHA feature: The kreference-group allows you to use the Group field in KReferences. - # For more details: https://github.com/knative/eventing/issues/5086 - kreference-group: "disabled" - # ALPHA feature: The delivery-retryafter allows you to use the RetryAfter field in DeliverySpec. - # For more details: https://github.com/knative/eventing/issues/5811 - delivery-retryafter: "disabled" - # BETA feature: The delivery-timeout allows you to use the Timeout field in DeliverySpec. - # For more details: https://github.com/knative/eventing/issues/5148 - delivery-timeout: "enabled" - # ALPHA feature: The kreference-mapping allows you to map kreference onto templated URI - # For more details: https://github.com/knative/eventing/issues/5593 - kreference-mapping: "disabled" - # BETA feature: The subscriber-strict flag force subscriptions to define a subscriber - # For more details: https://github.com/knative/eventing/issues/5756 - strict-subscriber: "enabled" - # ALPHA feature: The new-trigger-filters flag allows you to use the new `filters` field - # in Trigger objects with its rich filtering capabilities. - # For more details: https://github.com/knative/eventing/issues/5204 - new-trigger-filters: "disabled" - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-kreference-mapping - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - annotations: - knative.dev/example-checksum: "7375dbe1" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - - # this is an example of mapping from pod to addressable-pod service - # the data key must be of the form "kind.version.group" - # the data value must be a valid URL. Valid template data are: - # - Name: reference name - # - Namespace: reference namespace - # - SystemNamespace: knative namespace - # - UID: reference UID - # - # Pod.v1: https://addressable-pod.{{ .SystemNamespace }}.svc.cluster.local/{{ .Name }} - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-leader-election - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f7948630" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # lease-duration is how long non-leaders will wait to try to acquire the - # lock; 15 seconds is the value used by core kubernetes controllers. - lease-duration: "15s" - - # renew-deadline is how long a leader will try to renew the lease before - # giving up; 10 seconds is the value used by core kubernetes controllers. - renew-deadline: "10s" - - # retry-period is how long the leader election client waits between tries of - # actions; 2 seconds is the value used by core kubernetes controllers. - retry-period: "2s" - - # buckets is the number of buckets used to partition key space of each - # Reconciler. If this number is M and the replica number of the controller - # is N, the N replicas will compete for the M buckets. The owner of a - # bucket will take care of the reconciling for the keys partitioned into - # that bucket. - buckets: "1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-logging - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -data: - # Common configuration for all Knative codebase - zap-logger-config: | - { - "level": "info", - "development": false, - "outputPaths": ["stdout"], - "errorOutputPaths": ["stderr"], - "encoding": "json", - "encoderConfig": { - "timeKey": "ts", - "levelKey": "level", - "nameKey": "logger", - "callerKey": "caller", - "messageKey": "msg", - "stacktraceKey": "stacktrace", - "lineEnding": "", - "levelEncoder": "", - "timeEncoder": "iso8601", - "durationEncoder": "", - "callerEncoder": "" - } - } - # Log level overrides - # For all components changes are be picked up immediately. - loglevel.controller: "info" - loglevel.webhook: "info" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f46cf09d" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or stackdriver. - # Note: Using stackdriver will incur additional charges - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. If non-empty, it enables queue proxy to send request metrics. - # Currently supported values: prometheus, stackdriver. - metrics.request-metrics-backend-destination: prometheus - - # metrics.stackdriver-project-id field specifies the stackdriver project ID. This - # field is optional. When running on GCE, application default credentials will be - # used if this field is not provided. - metrics.stackdriver-project-id: "" - - # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to - # Stackdriver using "global" resource type and custom metric type if the - # metrics are not supported by "knative_broker", "knative_trigger", and "knative_source" resource types. - # Setting this flag to "true" could cause extra Stackdriver charge. - # If metrics.backend-destination is not Stackdriver, this is ignored. - metrics.allow-stackdriver-custom-metrics: "false" - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Eventing pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - - # sink-event-error-reporting.enable whether the adapter reports a kube event to the CRD indicating - # a failure to send a cloud event to the sink. - sink-event-error-reporting.enable: "false" - ---- -# Copyright 2022 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-sugar - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "62dfac6f" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # namespace-selector specifies a LabelSelector which - # determines which namespaces the Sugar Controller should operate upon - # Use an empty value to disable the feature (this is the default): - namespace-selector: "" - - # Use an empty object as a string to enable for all namespaces - namespace-selector: "{}" - - # trigger-selector specifies a LabelSelector which - # determines which triggers the Sugar Controller should operate upon - # Use an empty value to disable the feature (this is the default): - trigger-selector: "" - - # Use an empty object as string to enable for all triggers - trigger-selector: "{}" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "0492ceb0" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none". the default is "none" - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: eventing-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - knative.dev/high-availability: "true" - app.kubernetes.io/component: eventing-controller - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - app: eventing-controller - template: - metadata: - labels: - app: eventing-controller - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/component: eventing-controller - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: eventing-controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-controller - enableServiceLinks: false - containers: - - name: eventing-controller - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/controller@sha256:33d78536e9b38dbb2ec2952207b48ff8e05acb48e7d28c2305bd0a0f7156198f - resources: - requests: - cpu: 100m - memory: 100Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/eventing - # APIServerSource - - name: APISERVER_RA_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing/cmd/apiserver_receive_adapter@sha256:2fd38788ae96abd96e63bf8b7ef3e1b37370513a84a86cd153dfb1cd9442a095 - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - ## Adapter settings - # - name: K_LOGGING_CONFIG - # value: '' - # - name: K_LEADER_ELECTION_CONFIG - # value: '' - # - name: K_NO_SHUTDOWN_AFTER - # value: '' - ## Time in seconds the adapter will wait for the sink to respond. Default is no timeout - # - name: K_SINK_TIMEOUT - # value: '' - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - livenessProbe: - httpGet: - path: /health - port: probes - scheme: HTTP - initialDelaySeconds: 20 - periodSeconds: 10 - timeoutSeconds: 5 - readinessProbe: - httpGet: - path: /readiness - port: probes - scheme: HTTP - initialDelaySeconds: 20 - periodSeconds: 10 - timeoutSeconds: 5 - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: probes - containerPort: 8080 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: pingsource-mt-adapter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/component: pingsource-mt-adapter - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -spec: - # when set to 0 (and only 0) will be set to 1 when the first PingSource is created. - replicas: 0 - selector: - matchLabels: &labels - eventing.knative.dev/source: ping-source-controller - sources.knative.dev/role: adapter - template: - metadata: - labels: - !!merge <<: *labels - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/component: pingsource-mt-adapter - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - enableServiceLinks: false - containers: - - name: dispatcher - image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtping@sha256:282b5265e1ef26309b3343038c9b4f172654e06cbee46f6ddffd23ea9ad9a3be - env: - - name: SYSTEM_NAMESPACE - value: '' - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: NAMESPACE - value: '' - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - # DO NOT MODIFY: The values below are being filled by the ping source controller - # See 500-controller.yaml - - name: K_METRICS_CONFIG - value: '' - - name: K_LOGGING_CONFIG - value: '' - - name: K_LEADER_ELECTION_CONFIG - value: '' - - name: K_NO_SHUTDOWN_AFTER - value: '' - - name: K_SINK_TIMEOUT - value: '-1' - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - ports: - - containerPort: 9090 - name: metrics - protocol: TCP - resources: - requests: - cpu: 125m - memory: 64Mi - limits: - cpu: 1000m - memory: 2048Mi - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - serviceAccountName: pingsource-mt-adapter - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: eventing-webhook - minReplicas: 1 - maxReplicas: 5 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 100 ---- -# Webhook PDB. -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -spec: - minAvailable: 80% - selector: - matchLabels: - app: eventing-webhook - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - app: eventing-webhook - role: eventing-webhook - template: - metadata: - labels: - !!merge <<: *labels - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: eventing-webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-webhook - enableServiceLinks: false - containers: - - name: eventing-webhook - terminationMessagePolicy: FallbackToLogsOnError - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/eventing/cmd/webhook@sha256:d217ab7e3452a87f8cbb3b45df65c98b18b8be39551e3e960cd49ea44bb415ba - resources: - requests: - # taken from serving. - cpu: 100m - memory: 50Mi - limits: - # taken from serving. - cpu: 200m - memory: 200Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: METRICS_DOMAIN - value: knative.dev/eventing - - name: WEBHOOK_NAME - value: eventing-webhook - - name: WEBHOOK_PORT - value: "8443" - # SINK_BINDING_SELECTION_MODE specifies the NamespaceSelector and ObjectSelector - # for the sinkbinding webhook. - # If `inclusion` is selected, namespaces/objects labelled as `bindings.knative.dev/include:true` - # will be considered by the sinkbinding webhook; - # If `exclusion` is selected, namespaces/objects labelled as `bindings.knative.dev/exclude:true` - # will NOT be considered by the sinkbinding webhook. - # The default is `exclusion`. - - name: SINK_BINDING_SELECTION_MODE - value: "exclusion" - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: https-webhook - containerPort: 8443 - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - readinessProbe: &probe - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 120 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/release: "v1.8.1" - role: eventing-webhook - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing - name: eventing-webhook - namespace: knative-eventing -spec: - ports: - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: eventing-webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - eventing.knative.dev/release: "v1.8.1" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.apiserver.resource.add" }, - { "type": "dev.knative.apiserver.resource.delete" }, - { "type": "dev.knative.apiserver.resource.update" }, - { "type": "dev.knative.apiserver.ref.add" }, - { "type": "dev.knative.apiserver.ref.delete" }, - { "type": "dev.knative.apiserver.ref.update" } - ] - name: apiserversources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ApiServerSource is an event source that brings Kubernetes API server events into Knative.' - type: object - properties: - spec: - type: object - required: - - resources - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - mode: - description: EventMode controls the format of the event. `Reference` sends a dataref event type for the resource under watch. `Resource` send the full resource lifecycle event. Defaults to `Reference` - type: string - owner: - description: ResourceOwner is an additional filter to only track resources that are owned by a specific resource type. If ResourceOwner matches Resources[n] then Resources[n] is allowed to pass the ResourceOwner filter. - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - resources: - description: Resource are the resources this source will track and send related lifecycle events from the Kubernetes ApiServer, with an optional label selector to help filter. - type: array - items: - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - selector: - description: 'LabelSelector filters this source to objects to those resources pass the label selector. More info: http://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount to use to run this source. Defaults to default if not set. - type: string - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - categories: - - all - - knative - - sources - kind: ApiServerSource - plural: apiserversources - singular: apiserversource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: brokers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.1" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Broker collects a pool of events that are consumable using Triggers. Brokers provide a well-known endpoint for event delivery that senders can use with minimal knowledge of the event routing strategy. Subscribers use Triggers to request delivery of events from a Broker''s pool to a specific URL or Addressable endpoint.' - type: object - properties: - spec: - description: Spec defines the desired state of the Broker. - type: object - properties: - config: - description: Config is a KReference to the configuration that specifies configuration options for this Broker. For example, this could be a pointer to a ConfigMap. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - delivery: - description: Delivery contains the delivery spec for each trigger to this Broker. Each trigger delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - status: - description: Status represents the current state of the Broker. This data may be out of date. - type: object - properties: - address: - description: Broker is Addressable. It exposes the endpoint as an URI to get events delivered into the Broker mesh. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Broker - plural: brokers - singular: broker - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: channels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.1" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Channel represents a generic Channel. It is normally used when we want a Channel, but do not need a specific Channel implementation.' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use to create the CRD Channel backing this Channel. This is immutable after creation. Normally this is set by the Channel defaulter, not directly by the user. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channel: - description: Channel is an KReference to the Channel CRD backing this Channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - names: - kind: Channel - plural: channels - singular: channel - categories: - - all - - knative - - messaging - - channel - shortNames: - - ch - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.1" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing - name: containersources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ContainerSource is an event source that starts a container image which generates events under certain situations and sends messages to a sink URI' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - # WARNING: the schema tool can not parse PodTemplateSpec, stub here and redirect to Deployment documentation. - template: - type: object - x-kubernetes-preserve-unknown-fields: true - description: 'A template in the shape of `Deployment.spec.template` to be used for this ContainerSource. More info: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/' - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - kind: ContainerSource - plural: containersources - singular: containersource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventtypes.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.1" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'EventType represents a type of event that can be consumed from a Broker.' - properties: - spec: - description: 'Spec defines the desired state of the EventType.' - type: object - properties: - broker: - type: string - description: - description: 'Description is an optional field used to describe the EventType, in any meaningful way.' - type: string - schema: - description: 'Schema is a URI, it represents the CloudEvents schemaurl extension attribute. It may be a JSON schema, a protobuf schema, etc. It is optional.' - type: string - schemaData: - description: 'SchemaData allows the CloudEvents schema to be stored directly in the EventType. Content is dependent on the encoding. Optional attribute. The contents are not validated or manipulated by the system.' - type: string - source: - description: 'Source is a URI, it represents the CloudEvents source.' - type: string - type: - description: 'Type represents the CloudEvents type. It is authoritative.' - type: string - status: - description: 'Status represents the current state of the EventType. This data may be out of date.' - type: object - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the ''Generation'' of the Service that was last processed by the controller.' - type: integer - format: int64 - additionalPrinterColumns: - - name: Type - type: string - jsonPath: ".spec.type" - - name: Source - type: string - jsonPath: ".spec.source" - - name: Schema - type: string - jsonPath: ".spec.schema" - - name: Broker - type: string - jsonPath: ".spec.broker" - - name: Description - type: string - jsonPath: ".spec.description" - # TODO remove Status https://github.com/knative/eventing/issues/2750 - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: EventType - plural: eventtypes - singular: eventtype - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: parallels.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.1" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Parallel defines conditional branches that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Parallel. - type: object - properties: - branches: - description: Branches is the list of Filter/Subscribers pairs. - type: array - items: - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: &addressableProperties - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - filter: - description: Filter is the expression guarding the branch - type: object - properties: - !!merge <<: *addressableProperties - reply: - description: Reply is a Reference to where the result of Subscriber of this case gets sent to. If not specified, sent the result to the Parallel Reply - type: object - properties: - !!merge <<: *addressableProperties - subscriber: - description: Subscriber receiving the event when the filter passes - type: object - properties: - !!merge <<: *addressableProperties - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of a case Subscriber gets sent to when the case does not have a Reply - type: object - properties: - !!merge <<: *addressableProperties - status: - description: Status represents the current state of the Parallel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - branchStatuses: - description: BranchStatuses is an array of corresponding to branch statuses. Matches the Spec.Branches array in the order. - type: array - items: - type: object - properties: - filterChannelStatus: - description: FilterChannelStatus corresponds to the filter channel status. - type: object - properties: &channelProperties - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: &referentProperties - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: &readyConditionProperties - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - filterSubscriptionStatus: - description: FilterSubscriptionStatus corresponds to the filter subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - subscriberSubscriptionStatus: - description: SubscriptionStatus corresponds to the subscriber subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - properties: - !!merge <<: *readyConditionProperties - ingressChannelStatus: - description: IngressChannelStatus corresponds to the ingress channel status. - type: object - properties: - !!merge <<: *channelProperties - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Parallel - plural: parallels - singular: parallel - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.1" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.sources.ping" } - ] - name: pingsources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - &version - name: v1beta2 - served: true - storage: false - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'PingSource describes an event source with a fixed payload produced on a specified cron schedule.' - properties: - spec: - type: object - description: 'PingSourceSpec defines the desired state of the PingSource (from the client).' - properties: - ceOverrides: - description: 'CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink.' - type: object - properties: - extensions: - description: 'Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently.' - type: object - additionalProperties: - type: string - x-kubernetes-preserve-unknown-fields: true - contentType: - description: 'ContentType is the media type of `data` or `dataBase64`. Default is empty.' - type: string - data: - description: 'Data is data used as the body of the event posted to the sink. Default is empty. Mutually exclusive with `dataBase64`.' - type: string - dataBase64: - description: "DataBase64 is the base64-encoded string of the actual event's body posted to the sink. Default is empty. Mutually exclusive with `data`." - type: string - schedule: - description: 'Schedule is the cron schedule. Defaults to `* * * * *`.' - type: string - sink: - description: 'Sink is a reference to an object that will resolve to a uri to use as the sink.' - type: object - properties: - ref: - description: 'Ref points to an Addressable.' - type: object - properties: - apiVersion: - description: 'API version of the referent.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: 'URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.' - type: string - timezone: - description: 'Timezone modifies the actual time relative to the specified timezone. Defaults to the system time zone. More general information about time zones: https://www.iana.org/time-zones List of valid timezone values: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones' - type: string - status: - type: object - description: 'PingSourceStatus defines the observed state of PingSource (from the controller).' - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: 'CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents.' - type: array - items: - type: object - properties: - source: - description: 'Source is the CloudEvents source attribute.' - type: string - type: - description: 'Type refers to the CloudEvent type attribute.' - type: string - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the "Generation" of the Service that was last processed by the controller.' - type: integer - format: int64 - sinkUri: - description: 'SinkURI is the current active sink URI that has been configured for the Source.' - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: .status.sinkUri - - name: Schedule - type: string - jsonPath: .spec.schedule - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - !!merge <<: *version - name: v1 - served: true - storage: true - # v1 schema is identical to the v1beta2 schema - names: - categories: - - all - - knative - - sources - kind: PingSource - plural: pingsources - singular: pingsource - scope: Namespaced - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sequences.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.1" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Sequence defines a sequence of Subscribers that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Sequence. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of the last Subscriber gets sent to. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - steps: - description: Steps is the list of Destinations (processors / functions) that will be called in the order provided. Each step has its own delivery options - type: array - items: - type: object - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Sequence. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channelStatuses: - description: ChannelStatuses is an array of corresponding Channel statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriptionStatuses: - description: SubscriptionStatuses is an array of corresponding Subscription statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Sequence - plural: sequences - singular: sequence - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.1" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - duck.knative.dev/binding: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing - name: sinkbindings.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'SinkBinding describes a Binding that is also a Source. The `sink` (from the Source duck) is resolved to a URL and then projected into the `subject` by augmenting the runtime contract of the referenced containers to have a `K_SINK` environment variable holding the endpoint to which to send cloud events.' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subject: - description: Subject references the resource(s) whose "runtime contract" should be augmented by Binding implementations. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. Mutually exclusive with Selector. - type: string - namespace: - description: Namespace of the referent. - type: string - selector: - description: Selector of the referents. Mutually exclusive with Name. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - - bindings - kind: SinkBinding - plural: sinkbindings - singular: sinkbinding - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: subscriptions.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.1" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Subscription routes events received on a Channel to a DNS name and corresponds to the subscriptions.channels.knative.dev CRD.' - type: object - properties: - spec: - type: object - properties: - channel: - description: 'Reference to a channel that will be used to create the subscription. You can specify only the following fields of the KReference: kind, apiVersion and name. The resource pointed by this KReference must meet the contract to the ChannelableSpec duck type. If the resource does not meet this contract it will be reflected in the Subscription''s status. This field is immutable. We have no good answer on what happens to the events that are currently in the channel being consumed from and what the semantics there should be. For now, you can always delete the Subscription and recreate it to point to a different channel, giving the user more control over what semantics should be used (drain the channel first, possibly have events dropped, etc.)' - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - delivery: - description: Delivery configuration - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - reply: - description: Reply specifies (optionally) how to handle events returned from the Subscriber target. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subscriber: - description: Subscriber is reference to (optional) function for processing events. Events from the Channel will be delivered here and replies are sent to a Destination as specified by the Reply. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - physicalSubscription: - description: PhysicalSubscription is the fully resolved values that this Subscription represents. - type: object - properties: - deadLetterSinkUri: - description: ReplyURI is the fully resolved URI for the spec.delivery.deadLetterSink. - type: string - replyUri: - description: ReplyURI is the fully resolved URI for the spec.reply. - type: string - subscriberUri: - description: SubscriberURI is the fully resolved URI for spec.subscriber. - type: string - additionalPrinterColumns: - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Subscription - plural: subscriptions - singular: subscription - categories: - - all - - knative - - messaging - shortNames: - - sub - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: triggers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.1" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Broker - type: string - jsonPath: .spec.broker - - name: Subscriber_URI - type: string - jsonPath: .status.subscriberUri - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Trigger represents a request to have events delivered to a subscriber from a Broker''s event pool.' - type: object - properties: - spec: - description: Spec defines the desired state of the Trigger. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - broker: - description: Broker is the broker that this trigger receives events from. - type: string - delivery: - description: Delivery contains the delivery spec for this specific trigger. - type: object - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - filter: - description: 'Filter is the filter to apply against all events from the Broker. Only events that pass this filter will be sent to the Subscriber. If not specified, will default to allowing all events. ' - type: object - properties: - attributes: - description: 'Attributes filters events by exact match on event context attributes. Each key in the map is compared with the equivalent key in the event context. An event passes the filter if all values are equal to the specified values. Nested context attributes are not supported as keys. Only string values are supported. ' - type: object - x-kubernetes-preserve-unknown-fields: true - subscriber: - description: Subscriber is the addressable that receives events from the Broker that pass the Filter. It is required. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Trigger. This data may be out of date. - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink for this Trigger, in case there is none this will fallback to it's Broker status DeadLetterSinkURI. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriberUri: - description: SubscriberURI is the resolved URI of the receiver for this Trigger. - type: string - names: - kind: Trigger - plural: triggers - singular: trigger - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "Addressables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/addressable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: service-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.1" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: serving-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.1" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - serving.knative.dev - resources: - - routes - - routes/status - - services - - services/status - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: channel-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.1" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - channels - - channels/status - verbs: - - get - - list - - watch - - apiGroups: - - messaging.knative.dev - resources: - - channels/finalizers - verbs: - - update ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: broker-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.1" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - eventing.knative.dev - resources: - - brokers - - brokers/status - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: flows-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.1" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - flows.knative.dev - resources: - - sequences - - sequences/status - - parallels - - parallels/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-broker-filter - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - - apiGroups: - - "eventing.knative.dev" - resources: - - "triggers" - - "triggers/status" - verbs: - - "get" - - "list" - - "watch" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-config-reader - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need read and update permissions on "Channelables". -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/channelable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: meta-channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.1" - duck.knative.dev/channelable: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "channelable-manipulator" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - channels - - channels/status - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.1" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-messaging-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.1" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["messaging.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-flows-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.1" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["flows.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-sources-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.1" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["sources.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-bindings-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.1" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["bindings.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-edit - labels: - rbac.authorization.k8s.io/aggregate-to-edit: "true" - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev", "messaging.knative.dev", "sources.knative.dev", "flows.knative.dev", "bindings.knative.dev"] - resources: ["*"] - verbs: ["create", "update", "patch", "delete"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-view - labels: - rbac.authorization.k8s.io/aggregate-to-view: "true" - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev", "messaging.knative.dev", "sources.knative.dev", "flows.knative.dev", "bindings.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-controller - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "namespaces" - - "secrets" - - "configmaps" - - "services" - - "endpoints" - - "events" - - "serviceaccounts" - - "pods" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # Brokers and the namespace annotation controllers manipulate Deployments. - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: *everything - # PingSource controller manipulates Deployment owner reference - - apiGroups: - - "apps" - resources: - - "deployments/finalizers" - verbs: - - "update" - # The namespace annotation controller needs to manipulate RoleBindings. - - apiGroups: - - "rbac.authorization.k8s.io" - resources: - - "rolebindings" - verbs: *everything - # Our own resources and statuses we care about. - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers" - - "brokers/status" - - "triggers" - - "triggers/status" - - "eventtypes" - - "eventtypes/status" - verbs: *everything - # Eventing resources and finalizers we care about. - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers/finalizers" - - "triggers/finalizers" - verbs: - - "update" - # Our own resources and statuses we care about. - - apiGroups: - - "messaging.knative.dev" - resources: - - "sequences" - - "sequences/status" - - "channels" - - "channels/status" - - "parallels" - - "parallels/status" - - "subscriptions" - - "subscriptions/status" - verbs: *everything - # Flow resources and statuses we care about. - - apiGroups: - - "flows.knative.dev" - resources: - - "sequences" - - "sequences/status" - - "parallels" - - "parallels/status" - verbs: *everything - # Messaging resources and finalizers we care about. - - apiGroups: - - "messaging.knative.dev" - resources: - - "sequences/finalizers" - - "parallels/finalizers" - - "channels/finalizers" - verbs: - - "update" - # Flows resources and finalizers we care about. - - apiGroups: - - "flows.knative.dev" - resources: - - "sequences/finalizers" - - "parallels/finalizers" - verbs: - - "update" - # The subscription controller needs to retrieve and watch CustomResourceDefinitions. - - apiGroups: - - "apiextensions.k8s.io" - resources: - - "customresourcedefinitions" - verbs: - - "get" - - "list" - - "watch" - # For leader election - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: *everything - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-pingsource-mt-adapter - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - - apiGroups: - - sources.knative.dev - resources: - - pingsources - - pingsources/status - verbs: - - get - - list - - watch - - patch - - apiGroups: - - sources.knative.dev - resources: - - pingsources/finalizers - verbs: - - "patch" - - apiGroups: - - "" - resources: - - events - verbs: - - "create" - - "patch" - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "PodSpecables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/podspecable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: builtin-podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.1" - duck.knative.dev/podspecable: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "podspecable-binding role. -rules: - # To patch the subjects of our bindings - - apiGroups: - - "apps" - resources: - - "deployments" - - "daemonsets" - - "statefulsets" - - "replicasets" - verbs: - - "list" - - "watch" - - "patch" - - apiGroups: - - "batch" - resources: - - "jobs" - verbs: - - "list" - - "watch" - - "patch" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need to read "Sources". -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: source-observer - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/source: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: eventing-sources-source-observer - labels: - eventing.knative.dev/release: "v1.8.1" - duck.knative.dev/source: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "source-observer" role. -rules: - - apiGroups: - - sources.knative.dev - resources: - - apiserversources - - pingsources - - sinkbindings - - containersources - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-sources-controller - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "secrets" - - "configmaps" - - "services" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # Deployments admin - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: *everything - # Source resources and statuses we care about. - - apiGroups: - - "sources.knative.dev" - resources: - - "sinkbindings" - - "sinkbindings/status" - - "sinkbindings/finalizers" - - "apiserversources" - - "apiserversources/status" - - "apiserversources/finalizers" - - "pingsources" - - "pingsources/status" - - "pingsources/finalizers" - - "containersources" - - "containersources/status" - - "containersources/finalizers" - verbs: *everything - # Knative Services admin - - apiGroups: - - serving.knative.dev - resources: - - services - verbs: *everything - # EventTypes admin - - apiGroups: - - eventing.knative.dev - resources: - - eventtypes - verbs: *everything - # Events admin - - apiGroups: - - "" - resources: - - events - verbs: *everything - # Authorization checker - - apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -rules: - # For watching logging configuration and getting certs. - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - # finalizers are needed for the owner reference of the webhook - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - # For getting our Deployment so we can decorate with ownerref. - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: - - "get" - - apiGroups: - - "apps" - resources: - - "deployments/finalizers" - verbs: - - update - # For actually registering our webhook. - - apiGroups: - - "admissionregistration.k8s.io" - resources: - - "mutatingwebhookconfigurations" - - "validatingwebhookconfigurations" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # For running the SinkBinding reconciler. - - apiGroups: - - "sources.knative.dev" - resources: - - "sinkbindings" - - "sinkbindings/status" - - "sinkbindings/finalizers" - verbs: *everything - # For leader election - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: *everything - # Necessary for conversion webhook. These are copied from the serving - # TODO: Do we really need all these permissions? - - apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: knative-eventing - name: knative-eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -rules: - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "secrets" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: config.webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Ignore - name: config.webhook.eventing.knative.dev - namespaceSelector: - matchExpressions: - - key: eventing.knative.dev/release - operator: Exists - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: webhook.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: validation.webhook.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: eventing-webhook-certs - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -# The data is populated at install time. - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: sinkbindings.webhook.sources.knative.dev - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - failurePolicy: Fail - sideEffects: None - name: sinkbindings.webhook.sources.knative.dev - timeoutSeconds: 10 - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.1/3-in-memory-channel.yaml b/cmd/operator/kodata/knative-eventing/1.8.1/3-in-memory-channel.yaml deleted file mode 100644 index 5577b12504..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.1/3-in-memory-channel.yaml +++ /dev/null @@ -1,1215 +0,0 @@ -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: imc-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: imc-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - namespace: knative-eventing - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: Role - name: knative-inmemorychannel-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-controller-resolver - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-dispatcher - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-dispatcher - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: imc-dispatcher - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-imc-event-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -data: - MaxIdleConnections: "1000" - MaxIdleConnectionsPerHost: "100" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f46cf09d" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or stackdriver. - # Note: Using stackdriver will incur additional charges - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. If non-empty, it enables queue proxy to send request metrics. - # Currently supported values: prometheus, stackdriver. - metrics.request-metrics-backend-destination: prometheus - - # metrics.stackdriver-project-id field specifies the stackdriver project ID. This - # field is optional. When running on GCE, application default credentials will be - # used if this field is not provided. - metrics.stackdriver-project-id: "" - - # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to - # Stackdriver using "global" resource type and custom metric type if the - # metrics are not supported by "knative_broker", "knative_trigger", and "knative_source" resource types. - # Setting this flag to "true" could cause extra Stackdriver charge. - # If metrics.backend-destination is not Stackdriver, this is ignored. - metrics.allow-stackdriver-custom-metrics: "false" - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Eventing pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - - # sink-event-error-reporting.enable whether the adapter reports a kube event to the CRD indicating - # a failure to send a cloud event to the sink. - sink-event-error-reporting.enable: "false" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "0492ceb0" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none". the default is "none" - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: imc-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - knative.dev/high-availability: "true" - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: controller - template: - metadata: - labels: - !!merge <<: *labels - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: imc-controller - enableServiceLinks: false - containers: - - name: controller - image: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_controller@sha256:f40825f7b4384ba8baac90018c42e4fd8aa2e37ad7a9e1c00c8858b73ed8d987 - env: - - name: WEBHOOK_NAME - value: inmemorychannel-webhook - - name: WEBHOOK_PORT - value: "8443" - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/inmemorychannel-controller - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: DISPATCHER_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_dispatcher@sha256:eef625176c57aab4c3061428b787f844529dfd19b82cf50ccaffc909072d568f - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: &probe - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 120 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing - eventing.knative.dev/release: "v1.8.1" - name: inmemorychannel-webhook - namespace: knative-eventing -spec: - ports: - - name: https-webhook - port: 443 - targetPort: 8443 - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - selector: - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: controller - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: Service -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -spec: - selector: - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - ports: - - name: http-dispatcher - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9090 - targetPort: 9090 - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - knative.dev/high-availability: "true" - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - template: - metadata: - labels: - !!merge <<: *labels - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: imc-dispatcher - enableServiceLinks: false - containers: - - name: dispatcher - image: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_dispatcher@sha256:eef625176c57aab4c3061428b787f844529dfd19b82cf50ccaffc909072d568f - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - env: - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/inmemorychannel-dispatcher - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: CONTAINER_NAME - value: dispatcher - - name: MAX_IDLE_CONNS - value: "1000" - - name: MAX_IDLE_CONNS_PER_HOST - value: "1000" - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9090 - name: metrics - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: inmemorychannels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.1" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'InMemoryChannel is a resource representing an in memory channel' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter ref if one is specified in the Spec.Delivery. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: InMemoryChannel - plural: inmemorychannels - singular: inmemorychannel - categories: - - all - - knative - - messaging - - channel - shortNames: - - imc - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.1" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.1" - duck.knative.dev/channelable: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "channelable-manipulator" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - - update - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - verbs: - - update - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - - inmemorychannels/status - - inmemorychannels - verbs: - - patch - - apiGroups: - - "" - resources: - - services - - serviceaccounts - verbs: &everything - - get - - list - - watch - - create - - update - - patch - - apiGroups: - - "" - resources: - - endpoints - verbs: - - get - - list - - watch - - apiGroups: - - "rbac.authorization.k8s.io" - resources: - - rolebindings - verbs: *everything - - apiGroups: - - apps - resources: - - deployments - verbs: *everything - - apiGroups: - - apps - resources: - - deployments/status - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: *everything - # For actually registering our webhook. - - apiGroups: - - "admissionregistration.k8s.io" - resources: - - "mutatingwebhookconfigurations" - - "validatingwebhookconfigurations" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - # finalizers are needed for the owner reference of the webhook - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-dispatcher - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - - apiGroups: - - "" # Core API group. - resources: - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - # Updates the finalizer so we can remove our handlers when channel is deleted - # Patches the status.subscribers to reflect when the subscription dataplane has been - # configured. - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - - inmemorychannels/status - - inmemorychannels - verbs: - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: knative-eventing - name: knative-inmemorychannel-webhook - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -rules: - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "secrets" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: inmemorychannel.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1"] - clientConfig: - service: - name: inmemorychannel-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: inmemorychannel.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.inmemorychannel.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1"] - clientConfig: - service: - name: inmemorychannel-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: validation.inmemorychannel.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: inmemorychannel-webhook-certs - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -# The data is populated at install time. - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.1/5-eventing-post-install.yaml b/cmd/operator/kodata/knative-eventing/1.8.1/5-eventing-post-install.yaml deleted file mode 100644 index e226f57ecf..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.1/5-eventing-post-install.yaml +++ /dev/null @@ -1,231 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-post-install-job-role - labels: - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing - eventing.knative.dev/release: "v1.8.1" -rules: - # Storage version upgrader needs to be able to patch CRDs. - - apiGroups: - - "apiextensions.k8s.io" - resources: - - "customresourcedefinitions" - - "customresourcedefinitions/status" - verbs: - - "get" - - "list" - - "update" - - "patch" - - "watch" - # Our own resources we care about. - - apiGroups: - - "sources.knative.dev" - resources: - - "apiserversources" - - "apiserversources/finalizers" - - "apiserversources/status" - - "containersources" - - "containersources/finalizers" - - "containersources/status" - - "pingsources" - - "pingsources/finalizers" - - "pingsources/status" - - "sinkbindings" - - "sinkbindings/finalizers" - - "sinkbindings/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers" - - "brokers/finalizers" - - "brokers/status" - - "eventtypes" - - "eventtypes/finalizers" - - "eventtypes/status" - - "triggers" - - "triggers/finalizers" - - "triggers/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "messaging.knative.dev" - resources: - - "channels" - - "channels/finalizers" - - "channels/status" - - "inmemorychannels" - - "inmemorychannels/finalizers" - - "inmemorychannels/status" - - "subscriptions" - - "subscriptions/finalizers" - - "subscriptions/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "flows.knative.dev" - resources: - - "parallels" - - "parallels/finalizers" - - "parallels/status" - - "sequences" - - "sequences/finalizers" - - "sequences/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "list" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: knative-eventing-post-install-job - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-post-install-job-role-binding - labels: - eventing.knative.dev/release: "v1.8.1" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: knative-eventing-post-install-job - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-post-install-job-role - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: batch/v1 -kind: Job -metadata: - generateName: storage-version-migration-eventing- - namespace: knative-eventing - labels: - app: "storage-version-migration-eventing" - app.kubernetes.io/name: knative-eventing - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.1" - eventing.knative.dev/release: "v1.8.1" -spec: - ttlSecondsAfterFinished: 600 - backoffLimit: 10 - template: - metadata: - labels: - app: "storage-version-migration-eventing" - app.kubernetes.io/name: knative-eventing - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.1" - eventing.knative.dev/release: "v1.8.1" - annotations: - sidecar.istio.io/inject: "false" - spec: - serviceAccountName: knative-eventing-post-install-job - restartPolicy: OnFailure - containers: - - name: migrate - image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:bb95337552b07e1a52d6205a95342317b1b081b6b57ef7764c0d59c466978b6f - args: - - "apiserversources.sources.knative.dev" - - "brokers.eventing.knative.dev" - - "channels.messaging.knative.dev" - - "containersources.sources.knative.dev" - - "eventtypes.eventing.knative.dev" - - "inmemorychannels.messaging.knative.dev" - - "parallels.flows.knative.dev" - - "pingsources.sources.knative.dev" - - "sequences.flows.knative.dev" - - "sinkbindings.sources.knative.dev" - - "subscriptions.messaging.knative.dev" - - "triggers.eventing.knative.dev" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.2/1-eventing-crds.yaml b/cmd/operator/kodata/knative-eventing/1.8.2/1-eventing-crds.yaml deleted file mode 100644 index 83cf40c083..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.2/1-eventing-crds.yaml +++ /dev/null @@ -1,2296 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - eventing.knative.dev/release: "v1.8.2" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.apiserver.resource.add" }, - { "type": "dev.knative.apiserver.resource.delete" }, - { "type": "dev.knative.apiserver.resource.update" }, - { "type": "dev.knative.apiserver.ref.add" }, - { "type": "dev.knative.apiserver.ref.delete" }, - { "type": "dev.knative.apiserver.ref.update" } - ] - name: apiserversources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ApiServerSource is an event source that brings Kubernetes API server events into Knative.' - type: object - properties: - spec: - type: object - required: - - resources - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - mode: - description: EventMode controls the format of the event. `Reference` sends a dataref event type for the resource under watch. `Resource` send the full resource lifecycle event. Defaults to `Reference` - type: string - owner: - description: ResourceOwner is an additional filter to only track resources that are owned by a specific resource type. If ResourceOwner matches Resources[n] then Resources[n] is allowed to pass the ResourceOwner filter. - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - resources: - description: Resource are the resources this source will track and send related lifecycle events from the Kubernetes ApiServer, with an optional label selector to help filter. - type: array - items: - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - selector: - description: 'LabelSelector filters this source to objects to those resources pass the label selector. More info: http://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount to use to run this source. Defaults to default if not set. - type: string - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - categories: - - all - - knative - - sources - kind: ApiServerSource - plural: apiserversources - singular: apiserversource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: brokers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.2" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Broker collects a pool of events that are consumable using Triggers. Brokers provide a well-known endpoint for event delivery that senders can use with minimal knowledge of the event routing strategy. Subscribers use Triggers to request delivery of events from a Broker''s pool to a specific URL or Addressable endpoint.' - type: object - properties: - spec: - description: Spec defines the desired state of the Broker. - type: object - properties: - config: - description: Config is a KReference to the configuration that specifies configuration options for this Broker. For example, this could be a pointer to a ConfigMap. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - delivery: - description: Delivery contains the delivery spec for each trigger to this Broker. Each trigger delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - status: - description: Status represents the current state of the Broker. This data may be out of date. - type: object - properties: - address: - description: Broker is Addressable. It exposes the endpoint as an URI to get events delivered into the Broker mesh. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Broker - plural: brokers - singular: broker - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: channels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.2" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Channel represents a generic Channel. It is normally used when we want a Channel, but do not need a specific Channel implementation.' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use to create the CRD Channel backing this Channel. This is immutable after creation. Normally this is set by the Channel defaulter, not directly by the user. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channel: - description: Channel is an KReference to the Channel CRD backing this Channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - names: - kind: Channel - plural: channels - singular: channel - categories: - - all - - knative - - messaging - - channel - shortNames: - - ch - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.2" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing - name: containersources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ContainerSource is an event source that starts a container image which generates events under certain situations and sends messages to a sink URI' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - # WARNING: the schema tool can not parse PodTemplateSpec, stub here and redirect to Deployment documentation. - template: - type: object - x-kubernetes-preserve-unknown-fields: true - description: 'A template in the shape of `Deployment.spec.template` to be used for this ContainerSource. More info: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/' - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - kind: ContainerSource - plural: containersources - singular: containersource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventtypes.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.2" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'EventType represents a type of event that can be consumed from a Broker.' - properties: - spec: - description: 'Spec defines the desired state of the EventType.' - type: object - properties: - broker: - type: string - description: - description: 'Description is an optional field used to describe the EventType, in any meaningful way.' - type: string - schema: - description: 'Schema is a URI, it represents the CloudEvents schemaurl extension attribute. It may be a JSON schema, a protobuf schema, etc. It is optional.' - type: string - schemaData: - description: 'SchemaData allows the CloudEvents schema to be stored directly in the EventType. Content is dependent on the encoding. Optional attribute. The contents are not validated or manipulated by the system.' - type: string - source: - description: 'Source is a URI, it represents the CloudEvents source.' - type: string - type: - description: 'Type represents the CloudEvents type. It is authoritative.' - type: string - status: - description: 'Status represents the current state of the EventType. This data may be out of date.' - type: object - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the ''Generation'' of the Service that was last processed by the controller.' - type: integer - format: int64 - additionalPrinterColumns: - - name: Type - type: string - jsonPath: ".spec.type" - - name: Source - type: string - jsonPath: ".spec.source" - - name: Schema - type: string - jsonPath: ".spec.schema" - - name: Broker - type: string - jsonPath: ".spec.broker" - - name: Description - type: string - jsonPath: ".spec.description" - # TODO remove Status https://github.com/knative/eventing/issues/2750 - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: EventType - plural: eventtypes - singular: eventtype - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: parallels.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.2" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Parallel defines conditional branches that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Parallel. - type: object - properties: - branches: - description: Branches is the list of Filter/Subscribers pairs. - type: array - items: - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: &addressableProperties - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - filter: - description: Filter is the expression guarding the branch - type: object - properties: - !!merge <<: *addressableProperties - reply: - description: Reply is a Reference to where the result of Subscriber of this case gets sent to. If not specified, sent the result to the Parallel Reply - type: object - properties: - !!merge <<: *addressableProperties - subscriber: - description: Subscriber receiving the event when the filter passes - type: object - properties: - !!merge <<: *addressableProperties - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of a case Subscriber gets sent to when the case does not have a Reply - type: object - properties: - !!merge <<: *addressableProperties - status: - description: Status represents the current state of the Parallel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - branchStatuses: - description: BranchStatuses is an array of corresponding to branch statuses. Matches the Spec.Branches array in the order. - type: array - items: - type: object - properties: - filterChannelStatus: - description: FilterChannelStatus corresponds to the filter channel status. - type: object - properties: &channelProperties - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: &referentProperties - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: &readyConditionProperties - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - filterSubscriptionStatus: - description: FilterSubscriptionStatus corresponds to the filter subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - subscriberSubscriptionStatus: - description: SubscriptionStatus corresponds to the subscriber subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - properties: - !!merge <<: *readyConditionProperties - ingressChannelStatus: - description: IngressChannelStatus corresponds to the ingress channel status. - type: object - properties: - !!merge <<: *channelProperties - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Parallel - plural: parallels - singular: parallel - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.2" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.sources.ping" } - ] - name: pingsources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - &version - name: v1beta2 - served: true - storage: false - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'PingSource describes an event source with a fixed payload produced on a specified cron schedule.' - properties: - spec: - type: object - description: 'PingSourceSpec defines the desired state of the PingSource (from the client).' - properties: - ceOverrides: - description: 'CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink.' - type: object - properties: - extensions: - description: 'Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently.' - type: object - additionalProperties: - type: string - x-kubernetes-preserve-unknown-fields: true - contentType: - description: 'ContentType is the media type of `data` or `dataBase64`. Default is empty.' - type: string - data: - description: 'Data is data used as the body of the event posted to the sink. Default is empty. Mutually exclusive with `dataBase64`.' - type: string - dataBase64: - description: "DataBase64 is the base64-encoded string of the actual event's body posted to the sink. Default is empty. Mutually exclusive with `data`." - type: string - schedule: - description: 'Schedule is the cron schedule. Defaults to `* * * * *`.' - type: string - sink: - description: 'Sink is a reference to an object that will resolve to a uri to use as the sink.' - type: object - properties: - ref: - description: 'Ref points to an Addressable.' - type: object - properties: - apiVersion: - description: 'API version of the referent.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: 'URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.' - type: string - timezone: - description: 'Timezone modifies the actual time relative to the specified timezone. Defaults to the system time zone. More general information about time zones: https://www.iana.org/time-zones List of valid timezone values: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones' - type: string - status: - type: object - description: 'PingSourceStatus defines the observed state of PingSource (from the controller).' - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: 'CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents.' - type: array - items: - type: object - properties: - source: - description: 'Source is the CloudEvents source attribute.' - type: string - type: - description: 'Type refers to the CloudEvent type attribute.' - type: string - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the "Generation" of the Service that was last processed by the controller.' - type: integer - format: int64 - sinkUri: - description: 'SinkURI is the current active sink URI that has been configured for the Source.' - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: .status.sinkUri - - name: Schedule - type: string - jsonPath: .spec.schedule - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - !!merge <<: *version - name: v1 - served: true - storage: true - # v1 schema is identical to the v1beta2 schema - names: - categories: - - all - - knative - - sources - kind: PingSource - plural: pingsources - singular: pingsource - scope: Namespaced - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sequences.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.2" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Sequence defines a sequence of Subscribers that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Sequence. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of the last Subscriber gets sent to. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - steps: - description: Steps is the list of Destinations (processors / functions) that will be called in the order provided. Each step has its own delivery options - type: array - items: - type: object - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Sequence. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channelStatuses: - description: ChannelStatuses is an array of corresponding Channel statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriptionStatuses: - description: SubscriptionStatuses is an array of corresponding Subscription statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Sequence - plural: sequences - singular: sequence - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.2" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - duck.knative.dev/binding: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing - name: sinkbindings.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'SinkBinding describes a Binding that is also a Source. The `sink` (from the Source duck) is resolved to a URL and then projected into the `subject` by augmenting the runtime contract of the referenced containers to have a `K_SINK` environment variable holding the endpoint to which to send cloud events.' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subject: - description: Subject references the resource(s) whose "runtime contract" should be augmented by Binding implementations. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. Mutually exclusive with Selector. - type: string - namespace: - description: Namespace of the referent. - type: string - selector: - description: Selector of the referents. Mutually exclusive with Name. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - - bindings - kind: SinkBinding - plural: sinkbindings - singular: sinkbinding - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: subscriptions.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.2" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Subscription routes events received on a Channel to a DNS name and corresponds to the subscriptions.channels.knative.dev CRD.' - type: object - properties: - spec: - type: object - properties: - channel: - description: 'Reference to a channel that will be used to create the subscription. You can specify only the following fields of the KReference: kind, apiVersion and name. The resource pointed by this KReference must meet the contract to the ChannelableSpec duck type. If the resource does not meet this contract it will be reflected in the Subscription''s status. This field is immutable. We have no good answer on what happens to the events that are currently in the channel being consumed from and what the semantics there should be. For now, you can always delete the Subscription and recreate it to point to a different channel, giving the user more control over what semantics should be used (drain the channel first, possibly have events dropped, etc.)' - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - delivery: - description: Delivery configuration - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - reply: - description: Reply specifies (optionally) how to handle events returned from the Subscriber target. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subscriber: - description: Subscriber is reference to (optional) function for processing events. Events from the Channel will be delivered here and replies are sent to a Destination as specified by the Reply. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - physicalSubscription: - description: PhysicalSubscription is the fully resolved values that this Subscription represents. - type: object - properties: - deadLetterSinkUri: - description: ReplyURI is the fully resolved URI for the spec.delivery.deadLetterSink. - type: string - replyUri: - description: ReplyURI is the fully resolved URI for the spec.reply. - type: string - subscriberUri: - description: SubscriberURI is the fully resolved URI for spec.subscriber. - type: string - additionalPrinterColumns: - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Subscription - plural: subscriptions - singular: subscription - categories: - - all - - knative - - messaging - shortNames: - - sub - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: triggers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.2" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Broker - type: string - jsonPath: .spec.broker - - name: Subscriber_URI - type: string - jsonPath: .status.subscriberUri - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Trigger represents a request to have events delivered to a subscriber from a Broker''s event pool.' - type: object - properties: - spec: - description: Spec defines the desired state of the Trigger. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - broker: - description: Broker is the broker that this trigger receives events from. - type: string - delivery: - description: Delivery contains the delivery spec for this specific trigger. - type: object - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - filter: - description: 'Filter is the filter to apply against all events from the Broker. Only events that pass this filter will be sent to the Subscriber. If not specified, will default to allowing all events. ' - type: object - properties: - attributes: - description: 'Attributes filters events by exact match on event context attributes. Each key in the map is compared with the equivalent key in the event context. An event passes the filter if all values are equal to the specified values. Nested context attributes are not supported as keys. Only string values are supported. ' - type: object - x-kubernetes-preserve-unknown-fields: true - subscriber: - description: Subscriber is the addressable that receives events from the Broker that pass the Filter. It is required. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Trigger. This data may be out of date. - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink for this Trigger, in case there is none this will fallback to it's Broker status DeadLetterSinkURI. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriberUri: - description: SubscriberURI is the resolved URI of the receiver for this Trigger. - type: string - names: - kind: Trigger - plural: triggers - singular: trigger - categories: - - all - - knative - - eventing - scope: Namespaced - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.2/3-in-memory-channel.yaml b/cmd/operator/kodata/knative-eventing/1.8.2/3-in-memory-channel.yaml deleted file mode 100644 index 7cb6dbfbc4..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.2/3-in-memory-channel.yaml +++ /dev/null @@ -1,1215 +0,0 @@ -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: imc-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: imc-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - namespace: knative-eventing - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: Role - name: knative-inmemorychannel-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-controller-resolver - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-dispatcher - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-dispatcher - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: imc-dispatcher - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-imc-event-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -data: - MaxIdleConnections: "1000" - MaxIdleConnectionsPerHost: "100" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.2" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f46cf09d" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or stackdriver. - # Note: Using stackdriver will incur additional charges - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. If non-empty, it enables queue proxy to send request metrics. - # Currently supported values: prometheus, stackdriver. - metrics.request-metrics-backend-destination: prometheus - - # metrics.stackdriver-project-id field specifies the stackdriver project ID. This - # field is optional. When running on GCE, application default credentials will be - # used if this field is not provided. - metrics.stackdriver-project-id: "" - - # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to - # Stackdriver using "global" resource type and custom metric type if the - # metrics are not supported by "knative_broker", "knative_trigger", and "knative_source" resource types. - # Setting this flag to "true" could cause extra Stackdriver charge. - # If metrics.backend-destination is not Stackdriver, this is ignored. - metrics.allow-stackdriver-custom-metrics: "false" - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Eventing pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - - # sink-event-error-reporting.enable whether the adapter reports a kube event to the CRD indicating - # a failure to send a cloud event to the sink. - sink-event-error-reporting.enable: "false" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.2" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "0492ceb0" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none". the default is "none" - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: imc-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.2" - knative.dev/high-availability: "true" - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: controller - template: - metadata: - labels: - !!merge <<: *labels - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: imc-controller - enableServiceLinks: false - containers: - - name: controller - image: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_controller@sha256:d83ca2204cef95a9126efb51da5b6901bca51313bf80a667557db63644ff6c3e - env: - - name: WEBHOOK_NAME - value: inmemorychannel-webhook - - name: WEBHOOK_PORT - value: "8443" - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/inmemorychannel-controller - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: DISPATCHER_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_dispatcher@sha256:5da404ec96db85c1cc18677020edefcb0a520db58043364c7cb57df6e8a14c6e - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: &probe - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 120 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing - eventing.knative.dev/release: "v1.8.2" - name: inmemorychannel-webhook - namespace: knative-eventing -spec: - ports: - - name: https-webhook - port: 443 - targetPort: 8443 - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - selector: - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: controller - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: Service -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.2" - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -spec: - selector: - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - ports: - - name: http-dispatcher - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9090 - targetPort: 9090 - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.2" - knative.dev/high-availability: "true" - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - template: - metadata: - labels: - !!merge <<: *labels - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: imc-dispatcher - enableServiceLinks: false - containers: - - name: dispatcher - image: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_dispatcher@sha256:5da404ec96db85c1cc18677020edefcb0a520db58043364c7cb57df6e8a14c6e - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - env: - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/inmemorychannel-dispatcher - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: CONTAINER_NAME - value: dispatcher - - name: MAX_IDLE_CONNS - value: "1000" - - name: MAX_IDLE_CONNS_PER_HOST - value: "1000" - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9090 - name: metrics - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: inmemorychannels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.2" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'InMemoryChannel is a resource representing an in memory channel' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter ref if one is specified in the Spec.Delivery. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: InMemoryChannel - plural: inmemorychannels - singular: inmemorychannel - categories: - - all - - knative - - messaging - - channel - shortNames: - - imc - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.2" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.2" - duck.knative.dev/channelable: "true" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "channelable-manipulator" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - - update - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - verbs: - - update - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - - inmemorychannels/status - - inmemorychannels - verbs: - - patch - - apiGroups: - - "" - resources: - - services - - serviceaccounts - verbs: &everything - - get - - list - - watch - - create - - update - - patch - - apiGroups: - - "" - resources: - - endpoints - verbs: - - get - - list - - watch - - apiGroups: - - "rbac.authorization.k8s.io" - resources: - - rolebindings - verbs: *everything - - apiGroups: - - apps - resources: - - deployments - verbs: *everything - - apiGroups: - - apps - resources: - - deployments/status - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: *everything - # For actually registering our webhook. - - apiGroups: - - "admissionregistration.k8s.io" - resources: - - "mutatingwebhookconfigurations" - - "validatingwebhookconfigurations" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - # finalizers are needed for the owner reference of the webhook - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-dispatcher - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - - apiGroups: - - "" # Core API group. - resources: - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - # Updates the finalizer so we can remove our handlers when channel is deleted - # Patches the status.subscribers to reflect when the subscription dataplane has been - # configured. - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - - inmemorychannels/status - - inmemorychannels - verbs: - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: knative-eventing - name: knative-inmemorychannel-webhook - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -rules: - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "secrets" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: inmemorychannel.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1"] - clientConfig: - service: - name: inmemorychannel-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: inmemorychannel.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.inmemorychannel.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1"] - clientConfig: - service: - name: inmemorychannel-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: validation.inmemorychannel.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: inmemorychannel-webhook-certs - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -# The data is populated at install time. - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.2/4-mt-channel-broker.yaml b/cmd/operator/kodata/knative-eventing/1.8.2/4-mt-channel-broker.yaml deleted file mode 100644 index 0c3797588c..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.2/4-mt-channel-broker.yaml +++ /dev/null @@ -1,675 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-channel-broker-controller - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -rules: - # Configs resources and status we care about. - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-broker-filter - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - eventing.knative.dev - resources: - - triggers - - triggers/status - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - get - - list - - watch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mt-broker-filter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - eventing.knative.dev - resources: - - brokers - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - get - - list - - watch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mt-broker-ingress - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-mt-channel-broker-controller - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-channel-broker-controller - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-mt-broker-filter - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: mt-broker-filter - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-broker-filter - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-mt-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: mt-broker-ingress - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-broker-ingress - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-filter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - eventing.knative.dev/brokerRole: filter - template: - metadata: - labels: - eventing.knative.dev/brokerRole: filter - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing - spec: - serviceAccountName: mt-broker-filter - enableServiceLinks: false - containers: - - name: filter - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/filter@sha256:f5a4d7ae2458d816b44533a9cf9564fa5c5e4f0277fae0e686f0fa602ae266f9 - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - resources: - requests: - cpu: 100m - memory: 100Mi - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9092 - name: metrics - protocol: TCP - terminationMessagePath: /dev/termination-log - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: CONTAINER_NAME - value: filter - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/internal/eventing - - name: FILTER_PORT - value: "8080" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/brokerRole: filter - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing - name: broker-filter - namespace: knative-eventing -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9092 - protocol: TCP - targetPort: 9092 - selector: - eventing.knative.dev/brokerRole: filter - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-ingress - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - eventing.knative.dev/brokerRole: ingress - template: - metadata: - labels: - eventing.knative.dev/brokerRole: ingress - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing - spec: - serviceAccountName: mt-broker-ingress - enableServiceLinks: false - containers: - - name: ingress - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/ingress@sha256:51e58681927bee495aed87db55ec1b8a9541d98f48f3503aa651eb027dfd6723 - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - resources: - requests: - cpu: 100m - memory: 100Mi - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9092 - name: metrics - protocol: TCP - terminationMessagePath: /dev/termination-log - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: CONTAINER_NAME - value: ingress - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/internal/eventing - - name: INGRESS_PORT - value: "8080" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/brokerRole: ingress - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing - name: broker-ingress - namespace: knative-eventing -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9092 - protocol: TCP - targetPort: 9092 - selector: - eventing.knative.dev/brokerRole: ingress - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/component: mt-broker-controller - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - app: mt-broker-controller - template: - metadata: - labels: - app: mt-broker-controller - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/component: broker-controller - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: mt-broker-controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-controller - enableServiceLinks: false - containers: - - name: mt-broker-controller - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtchannel_broker@sha256:f9dc012649a00d4e1bd7fe1d6a4730e501963b377077e1811afb864672f9b3f3 - resources: - requests: - cpu: 100m - memory: 100Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/eventing - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: broker-ingress-hpa - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: mt-broker-ingress - minReplicas: 1 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 ---- -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: broker-filter-hpa - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: mt-broker-filter - minReplicas: 1 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.2/5-eventing-post-install.yaml b/cmd/operator/kodata/knative-eventing/1.8.2/5-eventing-post-install.yaml deleted file mode 100644 index b184fb7cf8..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.2/5-eventing-post-install.yaml +++ /dev/null @@ -1,231 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-post-install-job-role - labels: - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing - eventing.knative.dev/release: "v1.8.2" -rules: - # Storage version upgrader needs to be able to patch CRDs. - - apiGroups: - - "apiextensions.k8s.io" - resources: - - "customresourcedefinitions" - - "customresourcedefinitions/status" - verbs: - - "get" - - "list" - - "update" - - "patch" - - "watch" - # Our own resources we care about. - - apiGroups: - - "sources.knative.dev" - resources: - - "apiserversources" - - "apiserversources/finalizers" - - "apiserversources/status" - - "containersources" - - "containersources/finalizers" - - "containersources/status" - - "pingsources" - - "pingsources/finalizers" - - "pingsources/status" - - "sinkbindings" - - "sinkbindings/finalizers" - - "sinkbindings/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers" - - "brokers/finalizers" - - "brokers/status" - - "eventtypes" - - "eventtypes/finalizers" - - "eventtypes/status" - - "triggers" - - "triggers/finalizers" - - "triggers/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "messaging.knative.dev" - resources: - - "channels" - - "channels/finalizers" - - "channels/status" - - "inmemorychannels" - - "inmemorychannels/finalizers" - - "inmemorychannels/status" - - "subscriptions" - - "subscriptions/finalizers" - - "subscriptions/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "flows.knative.dev" - resources: - - "parallels" - - "parallels/finalizers" - - "parallels/status" - - "sequences" - - "sequences/finalizers" - - "sequences/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "list" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: knative-eventing-post-install-job - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-post-install-job-role-binding - labels: - eventing.knative.dev/release: "v1.8.2" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: knative-eventing-post-install-job - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-post-install-job-role - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: batch/v1 -kind: Job -metadata: - generateName: storage-version-migration-eventing- - namespace: knative-eventing - labels: - app: "storage-version-migration-eventing" - app.kubernetes.io/name: knative-eventing - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.2" - eventing.knative.dev/release: "v1.8.2" -spec: - ttlSecondsAfterFinished: 600 - backoffLimit: 10 - template: - metadata: - labels: - app: "storage-version-migration-eventing" - app.kubernetes.io/name: knative-eventing - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.2" - eventing.knative.dev/release: "v1.8.2" - annotations: - sidecar.istio.io/inject: "false" - spec: - serviceAccountName: knative-eventing-post-install-job - restartPolicy: OnFailure - containers: - - name: migrate - image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:bb95337552b07e1a52d6205a95342317b1b081b6b57ef7764c0d59c466978b6f - args: - - "apiserversources.sources.knative.dev" - - "brokers.eventing.knative.dev" - - "channels.messaging.knative.dev" - - "containersources.sources.knative.dev" - - "eventtypes.eventing.knative.dev" - - "inmemorychannels.messaging.knative.dev" - - "parallels.flows.knative.dev" - - "pingsources.sources.knative.dev" - - "sequences.flows.knative.dev" - - "sinkbindings.sources.knative.dev" - - "subscriptions.messaging.knative.dev" - - "triggers.eventing.knative.dev" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.3/1-eventing-crds.yaml b/cmd/operator/kodata/knative-eventing/1.8.3/1-eventing-crds.yaml deleted file mode 100644 index c658505549..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.3/1-eventing-crds.yaml +++ /dev/null @@ -1,2296 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - eventing.knative.dev/release: "v1.8.3" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.apiserver.resource.add" }, - { "type": "dev.knative.apiserver.resource.delete" }, - { "type": "dev.knative.apiserver.resource.update" }, - { "type": "dev.knative.apiserver.ref.add" }, - { "type": "dev.knative.apiserver.ref.delete" }, - { "type": "dev.knative.apiserver.ref.update" } - ] - name: apiserversources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ApiServerSource is an event source that brings Kubernetes API server events into Knative.' - type: object - properties: - spec: - type: object - required: - - resources - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - mode: - description: EventMode controls the format of the event. `Reference` sends a dataref event type for the resource under watch. `Resource` send the full resource lifecycle event. Defaults to `Reference` - type: string - owner: - description: ResourceOwner is an additional filter to only track resources that are owned by a specific resource type. If ResourceOwner matches Resources[n] then Resources[n] is allowed to pass the ResourceOwner filter. - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - resources: - description: Resource are the resources this source will track and send related lifecycle events from the Kubernetes ApiServer, with an optional label selector to help filter. - type: array - items: - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - selector: - description: 'LabelSelector filters this source to objects to those resources pass the label selector. More info: http://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount to use to run this source. Defaults to default if not set. - type: string - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - categories: - - all - - knative - - sources - kind: ApiServerSource - plural: apiserversources - singular: apiserversource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: brokers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.3" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Broker collects a pool of events that are consumable using Triggers. Brokers provide a well-known endpoint for event delivery that senders can use with minimal knowledge of the event routing strategy. Subscribers use Triggers to request delivery of events from a Broker''s pool to a specific URL or Addressable endpoint.' - type: object - properties: - spec: - description: Spec defines the desired state of the Broker. - type: object - properties: - config: - description: Config is a KReference to the configuration that specifies configuration options for this Broker. For example, this could be a pointer to a ConfigMap. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - delivery: - description: Delivery contains the delivery spec for each trigger to this Broker. Each trigger delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - status: - description: Status represents the current state of the Broker. This data may be out of date. - type: object - properties: - address: - description: Broker is Addressable. It exposes the endpoint as an URI to get events delivered into the Broker mesh. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Broker - plural: brokers - singular: broker - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: channels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.3" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Channel represents a generic Channel. It is normally used when we want a Channel, but do not need a specific Channel implementation.' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use to create the CRD Channel backing this Channel. This is immutable after creation. Normally this is set by the Channel defaulter, not directly by the user. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channel: - description: Channel is an KReference to the Channel CRD backing this Channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - names: - kind: Channel - plural: channels - singular: channel - categories: - - all - - knative - - messaging - - channel - shortNames: - - ch - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.3" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - name: containersources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ContainerSource is an event source that starts a container image which generates events under certain situations and sends messages to a sink URI' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - # WARNING: the schema tool can not parse PodTemplateSpec, stub here and redirect to Deployment documentation. - template: - type: object - x-kubernetes-preserve-unknown-fields: true - description: 'A template in the shape of `Deployment.spec.template` to be used for this ContainerSource. More info: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/' - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - kind: ContainerSource - plural: containersources - singular: containersource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventtypes.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.3" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'EventType represents a type of event that can be consumed from a Broker.' - properties: - spec: - description: 'Spec defines the desired state of the EventType.' - type: object - properties: - broker: - type: string - description: - description: 'Description is an optional field used to describe the EventType, in any meaningful way.' - type: string - schema: - description: 'Schema is a URI, it represents the CloudEvents schemaurl extension attribute. It may be a JSON schema, a protobuf schema, etc. It is optional.' - type: string - schemaData: - description: 'SchemaData allows the CloudEvents schema to be stored directly in the EventType. Content is dependent on the encoding. Optional attribute. The contents are not validated or manipulated by the system.' - type: string - source: - description: 'Source is a URI, it represents the CloudEvents source.' - type: string - type: - description: 'Type represents the CloudEvents type. It is authoritative.' - type: string - status: - description: 'Status represents the current state of the EventType. This data may be out of date.' - type: object - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the ''Generation'' of the Service that was last processed by the controller.' - type: integer - format: int64 - additionalPrinterColumns: - - name: Type - type: string - jsonPath: ".spec.type" - - name: Source - type: string - jsonPath: ".spec.source" - - name: Schema - type: string - jsonPath: ".spec.schema" - - name: Broker - type: string - jsonPath: ".spec.broker" - - name: Description - type: string - jsonPath: ".spec.description" - # TODO remove Status https://github.com/knative/eventing/issues/2750 - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: EventType - plural: eventtypes - singular: eventtype - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: parallels.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.3" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Parallel defines conditional branches that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Parallel. - type: object - properties: - branches: - description: Branches is the list of Filter/Subscribers pairs. - type: array - items: - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: &addressableProperties - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - filter: - description: Filter is the expression guarding the branch - type: object - properties: - !!merge <<: *addressableProperties - reply: - description: Reply is a Reference to where the result of Subscriber of this case gets sent to. If not specified, sent the result to the Parallel Reply - type: object - properties: - !!merge <<: *addressableProperties - subscriber: - description: Subscriber receiving the event when the filter passes - type: object - properties: - !!merge <<: *addressableProperties - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of a case Subscriber gets sent to when the case does not have a Reply - type: object - properties: - !!merge <<: *addressableProperties - status: - description: Status represents the current state of the Parallel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - branchStatuses: - description: BranchStatuses is an array of corresponding to branch statuses. Matches the Spec.Branches array in the order. - type: array - items: - type: object - properties: - filterChannelStatus: - description: FilterChannelStatus corresponds to the filter channel status. - type: object - properties: &channelProperties - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: &referentProperties - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: &readyConditionProperties - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - filterSubscriptionStatus: - description: FilterSubscriptionStatus corresponds to the filter subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - subscriberSubscriptionStatus: - description: SubscriptionStatus corresponds to the subscriber subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - properties: - !!merge <<: *readyConditionProperties - ingressChannelStatus: - description: IngressChannelStatus corresponds to the ingress channel status. - type: object - properties: - !!merge <<: *channelProperties - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Parallel - plural: parallels - singular: parallel - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.3" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.sources.ping" } - ] - name: pingsources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - &version - name: v1beta2 - served: true - storage: false - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'PingSource describes an event source with a fixed payload produced on a specified cron schedule.' - properties: - spec: - type: object - description: 'PingSourceSpec defines the desired state of the PingSource (from the client).' - properties: - ceOverrides: - description: 'CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink.' - type: object - properties: - extensions: - description: 'Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently.' - type: object - additionalProperties: - type: string - x-kubernetes-preserve-unknown-fields: true - contentType: - description: 'ContentType is the media type of `data` or `dataBase64`. Default is empty.' - type: string - data: - description: 'Data is data used as the body of the event posted to the sink. Default is empty. Mutually exclusive with `dataBase64`.' - type: string - dataBase64: - description: "DataBase64 is the base64-encoded string of the actual event's body posted to the sink. Default is empty. Mutually exclusive with `data`." - type: string - schedule: - description: 'Schedule is the cron schedule. Defaults to `* * * * *`.' - type: string - sink: - description: 'Sink is a reference to an object that will resolve to a uri to use as the sink.' - type: object - properties: - ref: - description: 'Ref points to an Addressable.' - type: object - properties: - apiVersion: - description: 'API version of the referent.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: 'URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.' - type: string - timezone: - description: 'Timezone modifies the actual time relative to the specified timezone. Defaults to the system time zone. More general information about time zones: https://www.iana.org/time-zones List of valid timezone values: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones' - type: string - status: - type: object - description: 'PingSourceStatus defines the observed state of PingSource (from the controller).' - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: 'CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents.' - type: array - items: - type: object - properties: - source: - description: 'Source is the CloudEvents source attribute.' - type: string - type: - description: 'Type refers to the CloudEvent type attribute.' - type: string - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the "Generation" of the Service that was last processed by the controller.' - type: integer - format: int64 - sinkUri: - description: 'SinkURI is the current active sink URI that has been configured for the Source.' - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: .status.sinkUri - - name: Schedule - type: string - jsonPath: .spec.schedule - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - !!merge <<: *version - name: v1 - served: true - storage: true - # v1 schema is identical to the v1beta2 schema - names: - categories: - - all - - knative - - sources - kind: PingSource - plural: pingsources - singular: pingsource - scope: Namespaced - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sequences.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.3" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Sequence defines a sequence of Subscribers that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Sequence. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of the last Subscriber gets sent to. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - steps: - description: Steps is the list of Destinations (processors / functions) that will be called in the order provided. Each step has its own delivery options - type: array - items: - type: object - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Sequence. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channelStatuses: - description: ChannelStatuses is an array of corresponding Channel statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriptionStatuses: - description: SubscriptionStatuses is an array of corresponding Subscription statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Sequence - plural: sequences - singular: sequence - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.3" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - duck.knative.dev/binding: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - name: sinkbindings.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'SinkBinding describes a Binding that is also a Source. The `sink` (from the Source duck) is resolved to a URL and then projected into the `subject` by augmenting the runtime contract of the referenced containers to have a `K_SINK` environment variable holding the endpoint to which to send cloud events.' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subject: - description: Subject references the resource(s) whose "runtime contract" should be augmented by Binding implementations. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. Mutually exclusive with Selector. - type: string - namespace: - description: Namespace of the referent. - type: string - selector: - description: Selector of the referents. Mutually exclusive with Name. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - - bindings - kind: SinkBinding - plural: sinkbindings - singular: sinkbinding - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: subscriptions.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.3" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Subscription routes events received on a Channel to a DNS name and corresponds to the subscriptions.channels.knative.dev CRD.' - type: object - properties: - spec: - type: object - properties: - channel: - description: 'Reference to a channel that will be used to create the subscription. You can specify only the following fields of the KReference: kind, apiVersion and name. The resource pointed by this KReference must meet the contract to the ChannelableSpec duck type. If the resource does not meet this contract it will be reflected in the Subscription''s status. This field is immutable. We have no good answer on what happens to the events that are currently in the channel being consumed from and what the semantics there should be. For now, you can always delete the Subscription and recreate it to point to a different channel, giving the user more control over what semantics should be used (drain the channel first, possibly have events dropped, etc.)' - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - delivery: - description: Delivery configuration - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - reply: - description: Reply specifies (optionally) how to handle events returned from the Subscriber target. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subscriber: - description: Subscriber is reference to (optional) function for processing events. Events from the Channel will be delivered here and replies are sent to a Destination as specified by the Reply. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - physicalSubscription: - description: PhysicalSubscription is the fully resolved values that this Subscription represents. - type: object - properties: - deadLetterSinkUri: - description: ReplyURI is the fully resolved URI for the spec.delivery.deadLetterSink. - type: string - replyUri: - description: ReplyURI is the fully resolved URI for the spec.reply. - type: string - subscriberUri: - description: SubscriberURI is the fully resolved URI for spec.subscriber. - type: string - additionalPrinterColumns: - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Subscription - plural: subscriptions - singular: subscription - categories: - - all - - knative - - messaging - shortNames: - - sub - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: triggers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.3" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Broker - type: string - jsonPath: .spec.broker - - name: Subscriber_URI - type: string - jsonPath: .status.subscriberUri - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Trigger represents a request to have events delivered to a subscriber from a Broker''s event pool.' - type: object - properties: - spec: - description: Spec defines the desired state of the Trigger. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - broker: - description: Broker is the broker that this trigger receives events from. - type: string - delivery: - description: Delivery contains the delivery spec for this specific trigger. - type: object - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - filter: - description: 'Filter is the filter to apply against all events from the Broker. Only events that pass this filter will be sent to the Subscriber. If not specified, will default to allowing all events. ' - type: object - properties: - attributes: - description: 'Attributes filters events by exact match on event context attributes. Each key in the map is compared with the equivalent key in the event context. An event passes the filter if all values are equal to the specified values. Nested context attributes are not supported as keys. Only string values are supported. ' - type: object - x-kubernetes-preserve-unknown-fields: true - subscriber: - description: Subscriber is the addressable that receives events from the Broker that pass the Filter. It is required. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Trigger. This data may be out of date. - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink for this Trigger, in case there is none this will fallback to it's Broker status DeadLetterSinkURI. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriberUri: - description: SubscriberURI is the resolved URI of the receiver for this Trigger. - type: string - names: - kind: Trigger - plural: triggers - singular: trigger - categories: - - all - - knative - - eventing - scope: Namespaced - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.3/2-eventing-core.yaml b/cmd/operator/kodata/knative-eventing/1.8.3/2-eventing-core.yaml deleted file mode 100644 index 3a56d072b0..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.3/2-eventing-core.yaml +++ /dev/null @@ -1,4640 +0,0 @@ -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: Namespace -metadata: - name: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: eventing-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-resolver - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-source-observer - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: source-observer - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-sources-controller - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-sources-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-manipulator - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: channelable-manipulator - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: pingsource-mt-adapter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-pingsource-mt-adapter - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: pingsource-mt-adapter - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-pingsource-mt-adapter - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - namespace: knative-eventing - name: eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: Role - name: knative-eventing-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook-resolver - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook-podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: podspecable-binding - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-br-default-channel - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -data: - channel-template-spec: | - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-br-defaults - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -data: - # Configures the default for any Broker that does not specify a spec.config or Broker class. - default-br-config: | - clusterDefault: - brokerClass: MTChannelBasedBroker - apiVersion: v1 - kind: ConfigMap - name: config-br-default-channel - namespace: knative-eventing - delivery: - retry: 10 - backoffPolicy: exponential - backoffDelay: PT0.2S - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: default-ch-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -data: - # Configuration for defaulting channels that do not specify CRD implementations. - default-ch-config: | - clusterDefault: - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - namespaceDefaults: - some-namespace: - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-ping-defaults - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - annotations: - knative.dev/example-checksum: "9185c153" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Max number of bytes allowed to be sent for message excluding any - # base64 decoding. Default is no limit set for data - data-max-size: -1 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-features - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -data: - # ALPHA feature: The kreference-group allows you to use the Group field in KReferences. - # For more details: https://github.com/knative/eventing/issues/5086 - kreference-group: "disabled" - # ALPHA feature: The delivery-retryafter allows you to use the RetryAfter field in DeliverySpec. - # For more details: https://github.com/knative/eventing/issues/5811 - delivery-retryafter: "disabled" - # BETA feature: The delivery-timeout allows you to use the Timeout field in DeliverySpec. - # For more details: https://github.com/knative/eventing/issues/5148 - delivery-timeout: "enabled" - # ALPHA feature: The kreference-mapping allows you to map kreference onto templated URI - # For more details: https://github.com/knative/eventing/issues/5593 - kreference-mapping: "disabled" - # BETA feature: The subscriber-strict flag force subscriptions to define a subscriber - # For more details: https://github.com/knative/eventing/issues/5756 - strict-subscriber: "enabled" - # ALPHA feature: The new-trigger-filters flag allows you to use the new `filters` field - # in Trigger objects with its rich filtering capabilities. - # For more details: https://github.com/knative/eventing/issues/5204 - new-trigger-filters: "disabled" - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-kreference-mapping - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - annotations: - knative.dev/example-checksum: "7375dbe1" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - - # this is an example of mapping from pod to addressable-pod service - # the data key must be of the form "kind.version.group" - # the data value must be a valid URL. Valid template data are: - # - Name: reference name - # - Namespace: reference namespace - # - SystemNamespace: knative namespace - # - UID: reference UID - # - # Pod.v1: https://addressable-pod.{{ .SystemNamespace }}.svc.cluster.local/{{ .Name }} - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-leader-election - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f7948630" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # lease-duration is how long non-leaders will wait to try to acquire the - # lock; 15 seconds is the value used by core kubernetes controllers. - lease-duration: "15s" - - # renew-deadline is how long a leader will try to renew the lease before - # giving up; 10 seconds is the value used by core kubernetes controllers. - renew-deadline: "10s" - - # retry-period is how long the leader election client waits between tries of - # actions; 2 seconds is the value used by core kubernetes controllers. - retry-period: "2s" - - # buckets is the number of buckets used to partition key space of each - # Reconciler. If this number is M and the replica number of the controller - # is N, the N replicas will compete for the M buckets. The owner of a - # bucket will take care of the reconciling for the keys partitioned into - # that bucket. - buckets: "1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-logging - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -data: - # Common configuration for all Knative codebase - zap-logger-config: | - { - "level": "info", - "development": false, - "outputPaths": ["stdout"], - "errorOutputPaths": ["stderr"], - "encoding": "json", - "encoderConfig": { - "timeKey": "ts", - "levelKey": "level", - "nameKey": "logger", - "callerKey": "caller", - "messageKey": "msg", - "stacktraceKey": "stacktrace", - "lineEnding": "", - "levelEncoder": "", - "timeEncoder": "iso8601", - "durationEncoder": "", - "callerEncoder": "" - } - } - # Log level overrides - # For all components changes are be picked up immediately. - loglevel.controller: "info" - loglevel.webhook: "info" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f46cf09d" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or stackdriver. - # Note: Using stackdriver will incur additional charges - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. If non-empty, it enables queue proxy to send request metrics. - # Currently supported values: prometheus, stackdriver. - metrics.request-metrics-backend-destination: prometheus - - # metrics.stackdriver-project-id field specifies the stackdriver project ID. This - # field is optional. When running on GCE, application default credentials will be - # used if this field is not provided. - metrics.stackdriver-project-id: "" - - # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to - # Stackdriver using "global" resource type and custom metric type if the - # metrics are not supported by "knative_broker", "knative_trigger", and "knative_source" resource types. - # Setting this flag to "true" could cause extra Stackdriver charge. - # If metrics.backend-destination is not Stackdriver, this is ignored. - metrics.allow-stackdriver-custom-metrics: "false" - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Eventing pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - - # sink-event-error-reporting.enable whether the adapter reports a kube event to the CRD indicating - # a failure to send a cloud event to the sink. - sink-event-error-reporting.enable: "false" - ---- -# Copyright 2022 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-sugar - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "62dfac6f" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # namespace-selector specifies a LabelSelector which - # determines which namespaces the Sugar Controller should operate upon - # Use an empty value to disable the feature (this is the default): - namespace-selector: "" - - # Use an empty object as a string to enable for all namespaces - namespace-selector: "{}" - - # trigger-selector specifies a LabelSelector which - # determines which triggers the Sugar Controller should operate upon - # Use an empty value to disable the feature (this is the default): - trigger-selector: "" - - # Use an empty object as string to enable for all triggers - trigger-selector: "{}" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "0492ceb0" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none". the default is "none" - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: eventing-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - knative.dev/high-availability: "true" - app.kubernetes.io/component: eventing-controller - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - app: eventing-controller - template: - metadata: - labels: - app: eventing-controller - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/component: eventing-controller - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: eventing-controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-controller - enableServiceLinks: false - containers: - - name: eventing-controller - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/controller@sha256:355466748777f8d198486ee8e49802f1abafc61de2a8d3a38bdb905cbdff7923 - resources: - requests: - cpu: 100m - memory: 100Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/eventing - # APIServerSource - - name: APISERVER_RA_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing/cmd/apiserver_receive_adapter@sha256:c1064ea5c0df5fa4b53a5aa44e7e2fcef4f515997e74c120698123b013d59bbd - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - ## Adapter settings - # - name: K_LOGGING_CONFIG - # value: '' - # - name: K_LEADER_ELECTION_CONFIG - # value: '' - # - name: K_NO_SHUTDOWN_AFTER - # value: '' - ## Time in seconds the adapter will wait for the sink to respond. Default is no timeout - # - name: K_SINK_TIMEOUT - # value: '' - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - livenessProbe: - httpGet: - path: /health - port: probes - scheme: HTTP - initialDelaySeconds: 20 - periodSeconds: 10 - timeoutSeconds: 5 - readinessProbe: - httpGet: - path: /readiness - port: probes - scheme: HTTP - initialDelaySeconds: 20 - periodSeconds: 10 - timeoutSeconds: 5 - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: probes - containerPort: 8080 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: pingsource-mt-adapter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/component: pingsource-mt-adapter - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - # when set to 0 (and only 0) will be set to 1 when the first PingSource is created. - replicas: 0 - selector: - matchLabels: &labels - eventing.knative.dev/source: ping-source-controller - sources.knative.dev/role: adapter - template: - metadata: - labels: - !!merge <<: *labels - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/component: pingsource-mt-adapter - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - enableServiceLinks: false - containers: - - name: dispatcher - image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtping@sha256:c616008cf825fde38999513aa9eda7c44e4285f84f85d1454eef5bfbb3cd1c40 - env: - - name: SYSTEM_NAMESPACE - value: '' - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: NAMESPACE - value: '' - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - # DO NOT MODIFY: The values below are being filled by the ping source controller - # See 500-controller.yaml - - name: K_METRICS_CONFIG - value: '' - - name: K_LOGGING_CONFIG - value: '' - - name: K_LEADER_ELECTION_CONFIG - value: '' - - name: K_NO_SHUTDOWN_AFTER - value: '' - - name: K_SINK_TIMEOUT - value: '-1' - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - ports: - - containerPort: 9090 - name: metrics - protocol: TCP - resources: - requests: - cpu: 125m - memory: 64Mi - limits: - cpu: 1000m - memory: 2048Mi - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - serviceAccountName: pingsource-mt-adapter - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: eventing-webhook - minReplicas: 1 - maxReplicas: 5 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 100 ---- -# Webhook PDB. -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - minAvailable: 80% - selector: - matchLabels: - app: eventing-webhook - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - app: eventing-webhook - role: eventing-webhook - template: - metadata: - labels: - !!merge <<: *labels - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: eventing-webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-webhook - enableServiceLinks: false - containers: - - name: eventing-webhook - terminationMessagePolicy: FallbackToLogsOnError - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/eventing/cmd/webhook@sha256:0f8753e4070b4fa02f56f9a80ce3ad7ea80f817ccc8b8c6e6a3a0dafdf869b57 - resources: - requests: - # taken from serving. - cpu: 100m - memory: 50Mi - limits: - # taken from serving. - cpu: 200m - memory: 200Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: METRICS_DOMAIN - value: knative.dev/eventing - - name: WEBHOOK_NAME - value: eventing-webhook - - name: WEBHOOK_PORT - value: "8443" - # SINK_BINDING_SELECTION_MODE specifies the NamespaceSelector and ObjectSelector - # for the sinkbinding webhook. - # If `inclusion` is selected, namespaces/objects labelled as `bindings.knative.dev/include:true` - # will be considered by the sinkbinding webhook; - # If `exclusion` is selected, namespaces/objects labelled as `bindings.knative.dev/exclude:true` - # will NOT be considered by the sinkbinding webhook. - # The default is `exclusion`. - - name: SINK_BINDING_SELECTION_MODE - value: "exclusion" - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: https-webhook - containerPort: 8443 - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - readinessProbe: &probe - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 120 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/release: "v1.8.3" - role: eventing-webhook - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - name: eventing-webhook - namespace: knative-eventing -spec: - ports: - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: eventing-webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - eventing.knative.dev/release: "v1.8.3" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.apiserver.resource.add" }, - { "type": "dev.knative.apiserver.resource.delete" }, - { "type": "dev.knative.apiserver.resource.update" }, - { "type": "dev.knative.apiserver.ref.add" }, - { "type": "dev.knative.apiserver.ref.delete" }, - { "type": "dev.knative.apiserver.ref.update" } - ] - name: apiserversources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ApiServerSource is an event source that brings Kubernetes API server events into Knative.' - type: object - properties: - spec: - type: object - required: - - resources - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - mode: - description: EventMode controls the format of the event. `Reference` sends a dataref event type for the resource under watch. `Resource` send the full resource lifecycle event. Defaults to `Reference` - type: string - owner: - description: ResourceOwner is an additional filter to only track resources that are owned by a specific resource type. If ResourceOwner matches Resources[n] then Resources[n] is allowed to pass the ResourceOwner filter. - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - resources: - description: Resource are the resources this source will track and send related lifecycle events from the Kubernetes ApiServer, with an optional label selector to help filter. - type: array - items: - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - selector: - description: 'LabelSelector filters this source to objects to those resources pass the label selector. More info: http://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount to use to run this source. Defaults to default if not set. - type: string - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - categories: - - all - - knative - - sources - kind: ApiServerSource - plural: apiserversources - singular: apiserversource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: brokers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.3" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Broker collects a pool of events that are consumable using Triggers. Brokers provide a well-known endpoint for event delivery that senders can use with minimal knowledge of the event routing strategy. Subscribers use Triggers to request delivery of events from a Broker''s pool to a specific URL or Addressable endpoint.' - type: object - properties: - spec: - description: Spec defines the desired state of the Broker. - type: object - properties: - config: - description: Config is a KReference to the configuration that specifies configuration options for this Broker. For example, this could be a pointer to a ConfigMap. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - delivery: - description: Delivery contains the delivery spec for each trigger to this Broker. Each trigger delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - status: - description: Status represents the current state of the Broker. This data may be out of date. - type: object - properties: - address: - description: Broker is Addressable. It exposes the endpoint as an URI to get events delivered into the Broker mesh. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Broker - plural: brokers - singular: broker - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: channels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.3" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Channel represents a generic Channel. It is normally used when we want a Channel, but do not need a specific Channel implementation.' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use to create the CRD Channel backing this Channel. This is immutable after creation. Normally this is set by the Channel defaulter, not directly by the user. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channel: - description: Channel is an KReference to the Channel CRD backing this Channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - names: - kind: Channel - plural: channels - singular: channel - categories: - - all - - knative - - messaging - - channel - shortNames: - - ch - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.3" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - name: containersources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ContainerSource is an event source that starts a container image which generates events under certain situations and sends messages to a sink URI' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - # WARNING: the schema tool can not parse PodTemplateSpec, stub here and redirect to Deployment documentation. - template: - type: object - x-kubernetes-preserve-unknown-fields: true - description: 'A template in the shape of `Deployment.spec.template` to be used for this ContainerSource. More info: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/' - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - kind: ContainerSource - plural: containersources - singular: containersource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventtypes.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.3" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'EventType represents a type of event that can be consumed from a Broker.' - properties: - spec: - description: 'Spec defines the desired state of the EventType.' - type: object - properties: - broker: - type: string - description: - description: 'Description is an optional field used to describe the EventType, in any meaningful way.' - type: string - schema: - description: 'Schema is a URI, it represents the CloudEvents schemaurl extension attribute. It may be a JSON schema, a protobuf schema, etc. It is optional.' - type: string - schemaData: - description: 'SchemaData allows the CloudEvents schema to be stored directly in the EventType. Content is dependent on the encoding. Optional attribute. The contents are not validated or manipulated by the system.' - type: string - source: - description: 'Source is a URI, it represents the CloudEvents source.' - type: string - type: - description: 'Type represents the CloudEvents type. It is authoritative.' - type: string - status: - description: 'Status represents the current state of the EventType. This data may be out of date.' - type: object - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the ''Generation'' of the Service that was last processed by the controller.' - type: integer - format: int64 - additionalPrinterColumns: - - name: Type - type: string - jsonPath: ".spec.type" - - name: Source - type: string - jsonPath: ".spec.source" - - name: Schema - type: string - jsonPath: ".spec.schema" - - name: Broker - type: string - jsonPath: ".spec.broker" - - name: Description - type: string - jsonPath: ".spec.description" - # TODO remove Status https://github.com/knative/eventing/issues/2750 - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: EventType - plural: eventtypes - singular: eventtype - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: parallels.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.3" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Parallel defines conditional branches that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Parallel. - type: object - properties: - branches: - description: Branches is the list of Filter/Subscribers pairs. - type: array - items: - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: &addressableProperties - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - filter: - description: Filter is the expression guarding the branch - type: object - properties: - !!merge <<: *addressableProperties - reply: - description: Reply is a Reference to where the result of Subscriber of this case gets sent to. If not specified, sent the result to the Parallel Reply - type: object - properties: - !!merge <<: *addressableProperties - subscriber: - description: Subscriber receiving the event when the filter passes - type: object - properties: - !!merge <<: *addressableProperties - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of a case Subscriber gets sent to when the case does not have a Reply - type: object - properties: - !!merge <<: *addressableProperties - status: - description: Status represents the current state of the Parallel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - branchStatuses: - description: BranchStatuses is an array of corresponding to branch statuses. Matches the Spec.Branches array in the order. - type: array - items: - type: object - properties: - filterChannelStatus: - description: FilterChannelStatus corresponds to the filter channel status. - type: object - properties: &channelProperties - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: &referentProperties - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: &readyConditionProperties - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - filterSubscriptionStatus: - description: FilterSubscriptionStatus corresponds to the filter subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - subscriberSubscriptionStatus: - description: SubscriptionStatus corresponds to the subscriber subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - properties: - !!merge <<: *readyConditionProperties - ingressChannelStatus: - description: IngressChannelStatus corresponds to the ingress channel status. - type: object - properties: - !!merge <<: *channelProperties - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Parallel - plural: parallels - singular: parallel - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.3" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.sources.ping" } - ] - name: pingsources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - &version - name: v1beta2 - served: true - storage: false - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'PingSource describes an event source with a fixed payload produced on a specified cron schedule.' - properties: - spec: - type: object - description: 'PingSourceSpec defines the desired state of the PingSource (from the client).' - properties: - ceOverrides: - description: 'CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink.' - type: object - properties: - extensions: - description: 'Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently.' - type: object - additionalProperties: - type: string - x-kubernetes-preserve-unknown-fields: true - contentType: - description: 'ContentType is the media type of `data` or `dataBase64`. Default is empty.' - type: string - data: - description: 'Data is data used as the body of the event posted to the sink. Default is empty. Mutually exclusive with `dataBase64`.' - type: string - dataBase64: - description: "DataBase64 is the base64-encoded string of the actual event's body posted to the sink. Default is empty. Mutually exclusive with `data`." - type: string - schedule: - description: 'Schedule is the cron schedule. Defaults to `* * * * *`.' - type: string - sink: - description: 'Sink is a reference to an object that will resolve to a uri to use as the sink.' - type: object - properties: - ref: - description: 'Ref points to an Addressable.' - type: object - properties: - apiVersion: - description: 'API version of the referent.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: 'URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.' - type: string - timezone: - description: 'Timezone modifies the actual time relative to the specified timezone. Defaults to the system time zone. More general information about time zones: https://www.iana.org/time-zones List of valid timezone values: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones' - type: string - status: - type: object - description: 'PingSourceStatus defines the observed state of PingSource (from the controller).' - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: 'CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents.' - type: array - items: - type: object - properties: - source: - description: 'Source is the CloudEvents source attribute.' - type: string - type: - description: 'Type refers to the CloudEvent type attribute.' - type: string - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the "Generation" of the Service that was last processed by the controller.' - type: integer - format: int64 - sinkUri: - description: 'SinkURI is the current active sink URI that has been configured for the Source.' - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: .status.sinkUri - - name: Schedule - type: string - jsonPath: .spec.schedule - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - !!merge <<: *version - name: v1 - served: true - storage: true - # v1 schema is identical to the v1beta2 schema - names: - categories: - - all - - knative - - sources - kind: PingSource - plural: pingsources - singular: pingsource - scope: Namespaced - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sequences.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.3" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Sequence defines a sequence of Subscribers that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Sequence. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of the last Subscriber gets sent to. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - steps: - description: Steps is the list of Destinations (processors / functions) that will be called in the order provided. Each step has its own delivery options - type: array - items: - type: object - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Sequence. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channelStatuses: - description: ChannelStatuses is an array of corresponding Channel statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriptionStatuses: - description: SubscriptionStatuses is an array of corresponding Subscription statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Sequence - plural: sequences - singular: sequence - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.3" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - duck.knative.dev/binding: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - name: sinkbindings.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'SinkBinding describes a Binding that is also a Source. The `sink` (from the Source duck) is resolved to a URL and then projected into the `subject` by augmenting the runtime contract of the referenced containers to have a `K_SINK` environment variable holding the endpoint to which to send cloud events.' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subject: - description: Subject references the resource(s) whose "runtime contract" should be augmented by Binding implementations. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. Mutually exclusive with Selector. - type: string - namespace: - description: Namespace of the referent. - type: string - selector: - description: Selector of the referents. Mutually exclusive with Name. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - - bindings - kind: SinkBinding - plural: sinkbindings - singular: sinkbinding - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: subscriptions.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.3" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Subscription routes events received on a Channel to a DNS name and corresponds to the subscriptions.channels.knative.dev CRD.' - type: object - properties: - spec: - type: object - properties: - channel: - description: 'Reference to a channel that will be used to create the subscription. You can specify only the following fields of the KReference: kind, apiVersion and name. The resource pointed by this KReference must meet the contract to the ChannelableSpec duck type. If the resource does not meet this contract it will be reflected in the Subscription''s status. This field is immutable. We have no good answer on what happens to the events that are currently in the channel being consumed from and what the semantics there should be. For now, you can always delete the Subscription and recreate it to point to a different channel, giving the user more control over what semantics should be used (drain the channel first, possibly have events dropped, etc.)' - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - delivery: - description: Delivery configuration - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - reply: - description: Reply specifies (optionally) how to handle events returned from the Subscriber target. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subscriber: - description: Subscriber is reference to (optional) function for processing events. Events from the Channel will be delivered here and replies are sent to a Destination as specified by the Reply. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - physicalSubscription: - description: PhysicalSubscription is the fully resolved values that this Subscription represents. - type: object - properties: - deadLetterSinkUri: - description: ReplyURI is the fully resolved URI for the spec.delivery.deadLetterSink. - type: string - replyUri: - description: ReplyURI is the fully resolved URI for the spec.reply. - type: string - subscriberUri: - description: SubscriberURI is the fully resolved URI for spec.subscriber. - type: string - additionalPrinterColumns: - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Subscription - plural: subscriptions - singular: subscription - categories: - - all - - knative - - messaging - shortNames: - - sub - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: triggers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.3" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Broker - type: string - jsonPath: .spec.broker - - name: Subscriber_URI - type: string - jsonPath: .status.subscriberUri - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Trigger represents a request to have events delivered to a subscriber from a Broker''s event pool.' - type: object - properties: - spec: - description: Spec defines the desired state of the Trigger. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - broker: - description: Broker is the broker that this trigger receives events from. - type: string - delivery: - description: Delivery contains the delivery spec for this specific trigger. - type: object - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - filter: - description: 'Filter is the filter to apply against all events from the Broker. Only events that pass this filter will be sent to the Subscriber. If not specified, will default to allowing all events. ' - type: object - properties: - attributes: - description: 'Attributes filters events by exact match on event context attributes. Each key in the map is compared with the equivalent key in the event context. An event passes the filter if all values are equal to the specified values. Nested context attributes are not supported as keys. Only string values are supported. ' - type: object - x-kubernetes-preserve-unknown-fields: true - subscriber: - description: Subscriber is the addressable that receives events from the Broker that pass the Filter. It is required. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Trigger. This data may be out of date. - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink for this Trigger, in case there is none this will fallback to it's Broker status DeadLetterSinkURI. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriberUri: - description: SubscriberURI is the resolved URI of the receiver for this Trigger. - type: string - names: - kind: Trigger - plural: triggers - singular: trigger - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "Addressables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/addressable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: service-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.3" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: serving-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.3" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - serving.knative.dev - resources: - - routes - - routes/status - - services - - services/status - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: channel-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.3" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - channels - - channels/status - verbs: - - get - - list - - watch - - apiGroups: - - messaging.knative.dev - resources: - - channels/finalizers - verbs: - - update ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: broker-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.3" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - eventing.knative.dev - resources: - - brokers - - brokers/status - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: flows-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.3" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - flows.knative.dev - resources: - - sequences - - sequences/status - - parallels - - parallels/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-broker-filter - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - - apiGroups: - - "eventing.knative.dev" - resources: - - "triggers" - - "triggers/status" - verbs: - - "get" - - "list" - - "watch" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-config-reader - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need read and update permissions on "Channelables". -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/channelable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: meta-channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.3" - duck.knative.dev/channelable: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "channelable-manipulator" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - channels - - channels/status - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.3" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-messaging-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.3" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["messaging.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-flows-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.3" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["flows.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-sources-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.3" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["sources.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-bindings-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.3" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["bindings.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-edit - labels: - rbac.authorization.k8s.io/aggregate-to-edit: "true" - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev", "messaging.knative.dev", "sources.knative.dev", "flows.knative.dev", "bindings.knative.dev"] - resources: ["*"] - verbs: ["create", "update", "patch", "delete"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-view - labels: - rbac.authorization.k8s.io/aggregate-to-view: "true" - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev", "messaging.knative.dev", "sources.knative.dev", "flows.knative.dev", "bindings.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-controller - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "namespaces" - - "secrets" - - "configmaps" - - "services" - - "endpoints" - - "events" - - "serviceaccounts" - - "pods" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # Brokers and the namespace annotation controllers manipulate Deployments. - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: *everything - # PingSource controller manipulates Deployment owner reference - - apiGroups: - - "apps" - resources: - - "deployments/finalizers" - verbs: - - "update" - # The namespace annotation controller needs to manipulate RoleBindings. - - apiGroups: - - "rbac.authorization.k8s.io" - resources: - - "rolebindings" - verbs: *everything - # Our own resources and statuses we care about. - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers" - - "brokers/status" - - "triggers" - - "triggers/status" - - "eventtypes" - - "eventtypes/status" - verbs: *everything - # Eventing resources and finalizers we care about. - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers/finalizers" - - "triggers/finalizers" - verbs: - - "update" - # Our own resources and statuses we care about. - - apiGroups: - - "messaging.knative.dev" - resources: - - "sequences" - - "sequences/status" - - "channels" - - "channels/status" - - "parallels" - - "parallels/status" - - "subscriptions" - - "subscriptions/status" - verbs: *everything - # Flow resources and statuses we care about. - - apiGroups: - - "flows.knative.dev" - resources: - - "sequences" - - "sequences/status" - - "parallels" - - "parallels/status" - verbs: *everything - # Messaging resources and finalizers we care about. - - apiGroups: - - "messaging.knative.dev" - resources: - - "sequences/finalizers" - - "parallels/finalizers" - - "channels/finalizers" - verbs: - - "update" - # Flows resources and finalizers we care about. - - apiGroups: - - "flows.knative.dev" - resources: - - "sequences/finalizers" - - "parallels/finalizers" - verbs: - - "update" - # The subscription controller needs to retrieve and watch CustomResourceDefinitions. - - apiGroups: - - "apiextensions.k8s.io" - resources: - - "customresourcedefinitions" - verbs: - - "get" - - "list" - - "watch" - # For leader election - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: *everything - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-pingsource-mt-adapter - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - - apiGroups: - - sources.knative.dev - resources: - - pingsources - - pingsources/status - verbs: - - get - - list - - watch - - patch - - apiGroups: - - sources.knative.dev - resources: - - pingsources/finalizers - verbs: - - "patch" - - apiGroups: - - "" - resources: - - events - verbs: - - "create" - - "patch" - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "PodSpecables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/podspecable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: builtin-podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.3" - duck.knative.dev/podspecable: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "podspecable-binding role. -rules: - # To patch the subjects of our bindings - - apiGroups: - - "apps" - resources: - - "deployments" - - "daemonsets" - - "statefulsets" - - "replicasets" - verbs: - - "list" - - "watch" - - "patch" - - apiGroups: - - "batch" - resources: - - "jobs" - verbs: - - "list" - - "watch" - - "patch" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need to read "Sources". -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: source-observer - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/source: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: eventing-sources-source-observer - labels: - eventing.knative.dev/release: "v1.8.3" - duck.knative.dev/source: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "source-observer" role. -rules: - - apiGroups: - - sources.knative.dev - resources: - - apiserversources - - pingsources - - sinkbindings - - containersources - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-sources-controller - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "secrets" - - "configmaps" - - "services" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # Deployments admin - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: *everything - # Source resources and statuses we care about. - - apiGroups: - - "sources.knative.dev" - resources: - - "sinkbindings" - - "sinkbindings/status" - - "sinkbindings/finalizers" - - "apiserversources" - - "apiserversources/status" - - "apiserversources/finalizers" - - "pingsources" - - "pingsources/status" - - "pingsources/finalizers" - - "containersources" - - "containersources/status" - - "containersources/finalizers" - verbs: *everything - # Knative Services admin - - apiGroups: - - serving.knative.dev - resources: - - services - verbs: *everything - # EventTypes admin - - apiGroups: - - eventing.knative.dev - resources: - - eventtypes - verbs: *everything - # Events admin - - apiGroups: - - "" - resources: - - events - verbs: *everything - # Authorization checker - - apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -rules: - # For watching logging configuration and getting certs. - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - # finalizers are needed for the owner reference of the webhook - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - # For getting our Deployment so we can decorate with ownerref. - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: - - "get" - - apiGroups: - - "apps" - resources: - - "deployments/finalizers" - verbs: - - update - # For actually registering our webhook. - - apiGroups: - - "admissionregistration.k8s.io" - resources: - - "mutatingwebhookconfigurations" - - "validatingwebhookconfigurations" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # For running the SinkBinding reconciler. - - apiGroups: - - "sources.knative.dev" - resources: - - "sinkbindings" - - "sinkbindings/status" - - "sinkbindings/finalizers" - verbs: *everything - # For leader election - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: *everything - # Necessary for conversion webhook. These are copied from the serving - # TODO: Do we really need all these permissions? - - apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: knative-eventing - name: knative-eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -rules: - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "secrets" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: config.webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Ignore - name: config.webhook.eventing.knative.dev - namespaceSelector: - matchExpressions: - - key: eventing.knative.dev/release - operator: Exists - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: webhook.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: validation.webhook.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: eventing-webhook-certs - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -# The data is populated at install time. - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: sinkbindings.webhook.sources.knative.dev - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - failurePolicy: Fail - sideEffects: None - name: sinkbindings.webhook.sources.knative.dev - timeoutSeconds: 10 - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.3/4-mt-channel-broker.yaml b/cmd/operator/kodata/knative-eventing/1.8.3/4-mt-channel-broker.yaml deleted file mode 100644 index 6536031133..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.3/4-mt-channel-broker.yaml +++ /dev/null @@ -1,675 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-channel-broker-controller - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -rules: - # Configs resources and status we care about. - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-broker-filter - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - eventing.knative.dev - resources: - - triggers - - triggers/status - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - get - - list - - watch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mt-broker-filter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - eventing.knative.dev - resources: - - brokers - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - get - - list - - watch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mt-broker-ingress - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-mt-channel-broker-controller - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-channel-broker-controller - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-mt-broker-filter - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: mt-broker-filter - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-broker-filter - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-mt-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: mt-broker-ingress - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-broker-ingress - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-filter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - eventing.knative.dev/brokerRole: filter - template: - metadata: - labels: - eventing.knative.dev/brokerRole: filter - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - spec: - serviceAccountName: mt-broker-filter - enableServiceLinks: false - containers: - - name: filter - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/filter@sha256:552eadf10b036c3b132262e6c606d183e11fb60112f0ef28668d92a81d7ec866 - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - resources: - requests: - cpu: 100m - memory: 100Mi - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9092 - name: metrics - protocol: TCP - terminationMessagePath: /dev/termination-log - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: CONTAINER_NAME - value: filter - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/internal/eventing - - name: FILTER_PORT - value: "8080" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/brokerRole: filter - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - name: broker-filter - namespace: knative-eventing -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9092 - protocol: TCP - targetPort: 9092 - selector: - eventing.knative.dev/brokerRole: filter - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-ingress - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - eventing.knative.dev/brokerRole: ingress - template: - metadata: - labels: - eventing.knative.dev/brokerRole: ingress - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - spec: - serviceAccountName: mt-broker-ingress - enableServiceLinks: false - containers: - - name: ingress - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/ingress@sha256:82173f99511d67d65f1cee77d3b4aeeebb5cfa73a5fbe904458e50168bd6b644 - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - resources: - requests: - cpu: 100m - memory: 100Mi - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9092 - name: metrics - protocol: TCP - terminationMessagePath: /dev/termination-log - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: CONTAINER_NAME - value: ingress - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/internal/eventing - - name: INGRESS_PORT - value: "8080" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/brokerRole: ingress - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - name: broker-ingress - namespace: knative-eventing -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9092 - protocol: TCP - targetPort: 9092 - selector: - eventing.knative.dev/brokerRole: ingress - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/component: mt-broker-controller - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - app: mt-broker-controller - template: - metadata: - labels: - app: mt-broker-controller - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/component: broker-controller - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: mt-broker-controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-controller - enableServiceLinks: false - containers: - - name: mt-broker-controller - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtchannel_broker@sha256:72d4e9771db7489c6ca59b58a433671c5283addc5f1c36682435aa2721645f72 - resources: - requests: - cpu: 100m - memory: 100Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/eventing - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: broker-ingress-hpa - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: mt-broker-ingress - minReplicas: 1 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 ---- -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: broker-filter-hpa - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: mt-broker-filter - minReplicas: 1 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.3/5-eventing-post-install.yaml b/cmd/operator/kodata/knative-eventing/1.8.3/5-eventing-post-install.yaml deleted file mode 100644 index a457d46c6a..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.3/5-eventing-post-install.yaml +++ /dev/null @@ -1,231 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-post-install-job-role - labels: - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing - eventing.knative.dev/release: "v1.8.3" -rules: - # Storage version upgrader needs to be able to patch CRDs. - - apiGroups: - - "apiextensions.k8s.io" - resources: - - "customresourcedefinitions" - - "customresourcedefinitions/status" - verbs: - - "get" - - "list" - - "update" - - "patch" - - "watch" - # Our own resources we care about. - - apiGroups: - - "sources.knative.dev" - resources: - - "apiserversources" - - "apiserversources/finalizers" - - "apiserversources/status" - - "containersources" - - "containersources/finalizers" - - "containersources/status" - - "pingsources" - - "pingsources/finalizers" - - "pingsources/status" - - "sinkbindings" - - "sinkbindings/finalizers" - - "sinkbindings/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers" - - "brokers/finalizers" - - "brokers/status" - - "eventtypes" - - "eventtypes/finalizers" - - "eventtypes/status" - - "triggers" - - "triggers/finalizers" - - "triggers/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "messaging.knative.dev" - resources: - - "channels" - - "channels/finalizers" - - "channels/status" - - "inmemorychannels" - - "inmemorychannels/finalizers" - - "inmemorychannels/status" - - "subscriptions" - - "subscriptions/finalizers" - - "subscriptions/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "flows.knative.dev" - resources: - - "parallels" - - "parallels/finalizers" - - "parallels/status" - - "sequences" - - "sequences/finalizers" - - "sequences/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "list" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: knative-eventing-post-install-job - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-post-install-job-role-binding - labels: - eventing.knative.dev/release: "v1.8.3" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: knative-eventing-post-install-job - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-post-install-job-role - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: batch/v1 -kind: Job -metadata: - generateName: storage-version-migration-eventing- - namespace: knative-eventing - labels: - app: "storage-version-migration-eventing" - app.kubernetes.io/name: knative-eventing - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.3" - eventing.knative.dev/release: "v1.8.3" -spec: - ttlSecondsAfterFinished: 600 - backoffLimit: 10 - template: - metadata: - labels: - app: "storage-version-migration-eventing" - app.kubernetes.io/name: knative-eventing - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.3" - eventing.knative.dev/release: "v1.8.3" - annotations: - sidecar.istio.io/inject: "false" - spec: - serviceAccountName: knative-eventing-post-install-job - restartPolicy: OnFailure - containers: - - name: migrate - image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:58f9cb64e2c947fa3dd8e4cbdd8f1f4d6febdc1f752945954e0666b8112e665d - args: - - "apiserversources.sources.knative.dev" - - "brokers.eventing.knative.dev" - - "channels.messaging.knative.dev" - - "containersources.sources.knative.dev" - - "eventtypes.eventing.knative.dev" - - "inmemorychannels.messaging.knative.dev" - - "parallels.flows.knative.dev" - - "pingsources.sources.knative.dev" - - "sequences.flows.knative.dev" - - "sinkbindings.sources.knative.dev" - - "subscriptions.messaging.knative.dev" - - "triggers.eventing.knative.dev" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.4/1-eventing-crds.yaml b/cmd/operator/kodata/knative-eventing/1.8.4/1-eventing-crds.yaml deleted file mode 100644 index 6dac68e25b..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.4/1-eventing-crds.yaml +++ /dev/null @@ -1,2296 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - eventing.knative.dev/release: "v1.8.4" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.apiserver.resource.add" }, - { "type": "dev.knative.apiserver.resource.delete" }, - { "type": "dev.knative.apiserver.resource.update" }, - { "type": "dev.knative.apiserver.ref.add" }, - { "type": "dev.knative.apiserver.ref.delete" }, - { "type": "dev.knative.apiserver.ref.update" } - ] - name: apiserversources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ApiServerSource is an event source that brings Kubernetes API server events into Knative.' - type: object - properties: - spec: - type: object - required: - - resources - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - mode: - description: EventMode controls the format of the event. `Reference` sends a dataref event type for the resource under watch. `Resource` send the full resource lifecycle event. Defaults to `Reference` - type: string - owner: - description: ResourceOwner is an additional filter to only track resources that are owned by a specific resource type. If ResourceOwner matches Resources[n] then Resources[n] is allowed to pass the ResourceOwner filter. - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - resources: - description: Resource are the resources this source will track and send related lifecycle events from the Kubernetes ApiServer, with an optional label selector to help filter. - type: array - items: - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - selector: - description: 'LabelSelector filters this source to objects to those resources pass the label selector. More info: http://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount to use to run this source. Defaults to default if not set. - type: string - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - categories: - - all - - knative - - sources - kind: ApiServerSource - plural: apiserversources - singular: apiserversource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: brokers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Broker collects a pool of events that are consumable using Triggers. Brokers provide a well-known endpoint for event delivery that senders can use with minimal knowledge of the event routing strategy. Subscribers use Triggers to request delivery of events from a Broker''s pool to a specific URL or Addressable endpoint.' - type: object - properties: - spec: - description: Spec defines the desired state of the Broker. - type: object - properties: - config: - description: Config is a KReference to the configuration that specifies configuration options for this Broker. For example, this could be a pointer to a ConfigMap. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - delivery: - description: Delivery contains the delivery spec for each trigger to this Broker. Each trigger delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - status: - description: Status represents the current state of the Broker. This data may be out of date. - type: object - properties: - address: - description: Broker is Addressable. It exposes the endpoint as an URI to get events delivered into the Broker mesh. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Broker - plural: brokers - singular: broker - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: channels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Channel represents a generic Channel. It is normally used when we want a Channel, but do not need a specific Channel implementation.' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use to create the CRD Channel backing this Channel. This is immutable after creation. Normally this is set by the Channel defaulter, not directly by the user. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channel: - description: Channel is an KReference to the Channel CRD backing this Channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - names: - kind: Channel - plural: channels - singular: channel - categories: - - all - - knative - - messaging - - channel - shortNames: - - ch - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.4" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - name: containersources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ContainerSource is an event source that starts a container image which generates events under certain situations and sends messages to a sink URI' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - # WARNING: the schema tool can not parse PodTemplateSpec, stub here and redirect to Deployment documentation. - template: - type: object - x-kubernetes-preserve-unknown-fields: true - description: 'A template in the shape of `Deployment.spec.template` to be used for this ContainerSource. More info: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/' - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - kind: ContainerSource - plural: containersources - singular: containersource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventtypes.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'EventType represents a type of event that can be consumed from a Broker.' - properties: - spec: - description: 'Spec defines the desired state of the EventType.' - type: object - properties: - broker: - type: string - description: - description: 'Description is an optional field used to describe the EventType, in any meaningful way.' - type: string - schema: - description: 'Schema is a URI, it represents the CloudEvents schemaurl extension attribute. It may be a JSON schema, a protobuf schema, etc. It is optional.' - type: string - schemaData: - description: 'SchemaData allows the CloudEvents schema to be stored directly in the EventType. Content is dependent on the encoding. Optional attribute. The contents are not validated or manipulated by the system.' - type: string - source: - description: 'Source is a URI, it represents the CloudEvents source.' - type: string - type: - description: 'Type represents the CloudEvents type. It is authoritative.' - type: string - status: - description: 'Status represents the current state of the EventType. This data may be out of date.' - type: object - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the ''Generation'' of the Service that was last processed by the controller.' - type: integer - format: int64 - additionalPrinterColumns: - - name: Type - type: string - jsonPath: ".spec.type" - - name: Source - type: string - jsonPath: ".spec.source" - - name: Schema - type: string - jsonPath: ".spec.schema" - - name: Broker - type: string - jsonPath: ".spec.broker" - - name: Description - type: string - jsonPath: ".spec.description" - # TODO remove Status https://github.com/knative/eventing/issues/2750 - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: EventType - plural: eventtypes - singular: eventtype - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: parallels.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Parallel defines conditional branches that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Parallel. - type: object - properties: - branches: - description: Branches is the list of Filter/Subscribers pairs. - type: array - items: - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: &addressableProperties - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - filter: - description: Filter is the expression guarding the branch - type: object - properties: - !!merge <<: *addressableProperties - reply: - description: Reply is a Reference to where the result of Subscriber of this case gets sent to. If not specified, sent the result to the Parallel Reply - type: object - properties: - !!merge <<: *addressableProperties - subscriber: - description: Subscriber receiving the event when the filter passes - type: object - properties: - !!merge <<: *addressableProperties - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of a case Subscriber gets sent to when the case does not have a Reply - type: object - properties: - !!merge <<: *addressableProperties - status: - description: Status represents the current state of the Parallel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - branchStatuses: - description: BranchStatuses is an array of corresponding to branch statuses. Matches the Spec.Branches array in the order. - type: array - items: - type: object - properties: - filterChannelStatus: - description: FilterChannelStatus corresponds to the filter channel status. - type: object - properties: &channelProperties - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: &referentProperties - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: &readyConditionProperties - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - filterSubscriptionStatus: - description: FilterSubscriptionStatus corresponds to the filter subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - subscriberSubscriptionStatus: - description: SubscriptionStatus corresponds to the subscriber subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - properties: - !!merge <<: *readyConditionProperties - ingressChannelStatus: - description: IngressChannelStatus corresponds to the ingress channel status. - type: object - properties: - !!merge <<: *channelProperties - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Parallel - plural: parallels - singular: parallel - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.4" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.sources.ping" } - ] - name: pingsources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - &version - name: v1beta2 - served: true - storage: false - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'PingSource describes an event source with a fixed payload produced on a specified cron schedule.' - properties: - spec: - type: object - description: 'PingSourceSpec defines the desired state of the PingSource (from the client).' - properties: - ceOverrides: - description: 'CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink.' - type: object - properties: - extensions: - description: 'Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently.' - type: object - additionalProperties: - type: string - x-kubernetes-preserve-unknown-fields: true - contentType: - description: 'ContentType is the media type of `data` or `dataBase64`. Default is empty.' - type: string - data: - description: 'Data is data used as the body of the event posted to the sink. Default is empty. Mutually exclusive with `dataBase64`.' - type: string - dataBase64: - description: "DataBase64 is the base64-encoded string of the actual event's body posted to the sink. Default is empty. Mutually exclusive with `data`." - type: string - schedule: - description: 'Schedule is the cron schedule. Defaults to `* * * * *`.' - type: string - sink: - description: 'Sink is a reference to an object that will resolve to a uri to use as the sink.' - type: object - properties: - ref: - description: 'Ref points to an Addressable.' - type: object - properties: - apiVersion: - description: 'API version of the referent.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: 'URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.' - type: string - timezone: - description: 'Timezone modifies the actual time relative to the specified timezone. Defaults to the system time zone. More general information about time zones: https://www.iana.org/time-zones List of valid timezone values: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones' - type: string - status: - type: object - description: 'PingSourceStatus defines the observed state of PingSource (from the controller).' - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: 'CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents.' - type: array - items: - type: object - properties: - source: - description: 'Source is the CloudEvents source attribute.' - type: string - type: - description: 'Type refers to the CloudEvent type attribute.' - type: string - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the "Generation" of the Service that was last processed by the controller.' - type: integer - format: int64 - sinkUri: - description: 'SinkURI is the current active sink URI that has been configured for the Source.' - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: .status.sinkUri - - name: Schedule - type: string - jsonPath: .spec.schedule - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - !!merge <<: *version - name: v1 - served: true - storage: true - # v1 schema is identical to the v1beta2 schema - names: - categories: - - all - - knative - - sources - kind: PingSource - plural: pingsources - singular: pingsource - scope: Namespaced - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sequences.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Sequence defines a sequence of Subscribers that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Sequence. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of the last Subscriber gets sent to. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - steps: - description: Steps is the list of Destinations (processors / functions) that will be called in the order provided. Each step has its own delivery options - type: array - items: - type: object - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Sequence. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channelStatuses: - description: ChannelStatuses is an array of corresponding Channel statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriptionStatuses: - description: SubscriptionStatuses is an array of corresponding Subscription statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Sequence - plural: sequences - singular: sequence - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.4" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - duck.knative.dev/binding: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - name: sinkbindings.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'SinkBinding describes a Binding that is also a Source. The `sink` (from the Source duck) is resolved to a URL and then projected into the `subject` by augmenting the runtime contract of the referenced containers to have a `K_SINK` environment variable holding the endpoint to which to send cloud events.' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subject: - description: Subject references the resource(s) whose "runtime contract" should be augmented by Binding implementations. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. Mutually exclusive with Selector. - type: string - namespace: - description: Namespace of the referent. - type: string - selector: - description: Selector of the referents. Mutually exclusive with Name. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - - bindings - kind: SinkBinding - plural: sinkbindings - singular: sinkbinding - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: subscriptions.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Subscription routes events received on a Channel to a DNS name and corresponds to the subscriptions.channels.knative.dev CRD.' - type: object - properties: - spec: - type: object - properties: - channel: - description: 'Reference to a channel that will be used to create the subscription. You can specify only the following fields of the KReference: kind, apiVersion and name. The resource pointed by this KReference must meet the contract to the ChannelableSpec duck type. If the resource does not meet this contract it will be reflected in the Subscription''s status. This field is immutable. We have no good answer on what happens to the events that are currently in the channel being consumed from and what the semantics there should be. For now, you can always delete the Subscription and recreate it to point to a different channel, giving the user more control over what semantics should be used (drain the channel first, possibly have events dropped, etc.)' - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - delivery: - description: Delivery configuration - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - reply: - description: Reply specifies (optionally) how to handle events returned from the Subscriber target. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subscriber: - description: Subscriber is reference to (optional) function for processing events. Events from the Channel will be delivered here and replies are sent to a Destination as specified by the Reply. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - physicalSubscription: - description: PhysicalSubscription is the fully resolved values that this Subscription represents. - type: object - properties: - deadLetterSinkUri: - description: ReplyURI is the fully resolved URI for the spec.delivery.deadLetterSink. - type: string - replyUri: - description: ReplyURI is the fully resolved URI for the spec.reply. - type: string - subscriberUri: - description: SubscriberURI is the fully resolved URI for spec.subscriber. - type: string - additionalPrinterColumns: - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Subscription - plural: subscriptions - singular: subscription - categories: - - all - - knative - - messaging - shortNames: - - sub - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: triggers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Broker - type: string - jsonPath: .spec.broker - - name: Subscriber_URI - type: string - jsonPath: .status.subscriberUri - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Trigger represents a request to have events delivered to a subscriber from a Broker''s event pool.' - type: object - properties: - spec: - description: Spec defines the desired state of the Trigger. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - broker: - description: Broker is the broker that this trigger receives events from. - type: string - delivery: - description: Delivery contains the delivery spec for this specific trigger. - type: object - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - filter: - description: 'Filter is the filter to apply against all events from the Broker. Only events that pass this filter will be sent to the Subscriber. If not specified, will default to allowing all events. ' - type: object - properties: - attributes: - description: 'Attributes filters events by exact match on event context attributes. Each key in the map is compared with the equivalent key in the event context. An event passes the filter if all values are equal to the specified values. Nested context attributes are not supported as keys. Only string values are supported. ' - type: object - x-kubernetes-preserve-unknown-fields: true - subscriber: - description: Subscriber is the addressable that receives events from the Broker that pass the Filter. It is required. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Trigger. This data may be out of date. - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink for this Trigger, in case there is none this will fallback to it's Broker status DeadLetterSinkURI. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriberUri: - description: SubscriberURI is the resolved URI of the receiver for this Trigger. - type: string - names: - kind: Trigger - plural: triggers - singular: trigger - categories: - - all - - knative - - eventing - scope: Namespaced - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.4/2-eventing-core.yaml b/cmd/operator/kodata/knative-eventing/1.8.4/2-eventing-core.yaml deleted file mode 100644 index 4360d76503..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.4/2-eventing-core.yaml +++ /dev/null @@ -1,4640 +0,0 @@ -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: Namespace -metadata: - name: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: eventing-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-resolver - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-source-observer - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: source-observer - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-sources-controller - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-sources-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-manipulator - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: channelable-manipulator - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: pingsource-mt-adapter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-pingsource-mt-adapter - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: pingsource-mt-adapter - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-pingsource-mt-adapter - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - namespace: knative-eventing - name: eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: Role - name: knative-eventing-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook-resolver - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook-podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: podspecable-binding - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-br-default-channel - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -data: - channel-template-spec: | - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-br-defaults - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -data: - # Configures the default for any Broker that does not specify a spec.config or Broker class. - default-br-config: | - clusterDefault: - brokerClass: MTChannelBasedBroker - apiVersion: v1 - kind: ConfigMap - name: config-br-default-channel - namespace: knative-eventing - delivery: - retry: 10 - backoffPolicy: exponential - backoffDelay: PT0.2S - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: default-ch-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -data: - # Configuration for defaulting channels that do not specify CRD implementations. - default-ch-config: | - clusterDefault: - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - namespaceDefaults: - some-namespace: - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-ping-defaults - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - annotations: - knative.dev/example-checksum: "9185c153" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Max number of bytes allowed to be sent for message excluding any - # base64 decoding. Default is no limit set for data - data-max-size: -1 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-features - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -data: - # ALPHA feature: The kreference-group allows you to use the Group field in KReferences. - # For more details: https://github.com/knative/eventing/issues/5086 - kreference-group: "disabled" - # ALPHA feature: The delivery-retryafter allows you to use the RetryAfter field in DeliverySpec. - # For more details: https://github.com/knative/eventing/issues/5811 - delivery-retryafter: "disabled" - # BETA feature: The delivery-timeout allows you to use the Timeout field in DeliverySpec. - # For more details: https://github.com/knative/eventing/issues/5148 - delivery-timeout: "enabled" - # ALPHA feature: The kreference-mapping allows you to map kreference onto templated URI - # For more details: https://github.com/knative/eventing/issues/5593 - kreference-mapping: "disabled" - # BETA feature: The subscriber-strict flag force subscriptions to define a subscriber - # For more details: https://github.com/knative/eventing/issues/5756 - strict-subscriber: "enabled" - # ALPHA feature: The new-trigger-filters flag allows you to use the new `filters` field - # in Trigger objects with its rich filtering capabilities. - # For more details: https://github.com/knative/eventing/issues/5204 - new-trigger-filters: "disabled" - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-kreference-mapping - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - annotations: - knative.dev/example-checksum: "7375dbe1" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - - # this is an example of mapping from pod to addressable-pod service - # the data key must be of the form "kind.version.group" - # the data value must be a valid URL. Valid template data are: - # - Name: reference name - # - Namespace: reference namespace - # - SystemNamespace: knative namespace - # - UID: reference UID - # - # Pod.v1: https://addressable-pod.{{ .SystemNamespace }}.svc.cluster.local/{{ .Name }} - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-leader-election - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f7948630" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # lease-duration is how long non-leaders will wait to try to acquire the - # lock; 15 seconds is the value used by core kubernetes controllers. - lease-duration: "15s" - - # renew-deadline is how long a leader will try to renew the lease before - # giving up; 10 seconds is the value used by core kubernetes controllers. - renew-deadline: "10s" - - # retry-period is how long the leader election client waits between tries of - # actions; 2 seconds is the value used by core kubernetes controllers. - retry-period: "2s" - - # buckets is the number of buckets used to partition key space of each - # Reconciler. If this number is M and the replica number of the controller - # is N, the N replicas will compete for the M buckets. The owner of a - # bucket will take care of the reconciling for the keys partitioned into - # that bucket. - buckets: "1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-logging - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -data: - # Common configuration for all Knative codebase - zap-logger-config: | - { - "level": "info", - "development": false, - "outputPaths": ["stdout"], - "errorOutputPaths": ["stderr"], - "encoding": "json", - "encoderConfig": { - "timeKey": "ts", - "levelKey": "level", - "nameKey": "logger", - "callerKey": "caller", - "messageKey": "msg", - "stacktraceKey": "stacktrace", - "lineEnding": "", - "levelEncoder": "", - "timeEncoder": "iso8601", - "durationEncoder": "", - "callerEncoder": "" - } - } - # Log level overrides - # For all components changes are be picked up immediately. - loglevel.controller: "info" - loglevel.webhook: "info" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f46cf09d" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or stackdriver. - # Note: Using stackdriver will incur additional charges - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. If non-empty, it enables queue proxy to send request metrics. - # Currently supported values: prometheus, stackdriver. - metrics.request-metrics-backend-destination: prometheus - - # metrics.stackdriver-project-id field specifies the stackdriver project ID. This - # field is optional. When running on GCE, application default credentials will be - # used if this field is not provided. - metrics.stackdriver-project-id: "" - - # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to - # Stackdriver using "global" resource type and custom metric type if the - # metrics are not supported by "knative_broker", "knative_trigger", and "knative_source" resource types. - # Setting this flag to "true" could cause extra Stackdriver charge. - # If metrics.backend-destination is not Stackdriver, this is ignored. - metrics.allow-stackdriver-custom-metrics: "false" - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Eventing pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - - # sink-event-error-reporting.enable whether the adapter reports a kube event to the CRD indicating - # a failure to send a cloud event to the sink. - sink-event-error-reporting.enable: "false" - ---- -# Copyright 2022 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-sugar - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "62dfac6f" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # namespace-selector specifies a LabelSelector which - # determines which namespaces the Sugar Controller should operate upon - # Use an empty value to disable the feature (this is the default): - namespace-selector: "" - - # Use an empty object as a string to enable for all namespaces - namespace-selector: "{}" - - # trigger-selector specifies a LabelSelector which - # determines which triggers the Sugar Controller should operate upon - # Use an empty value to disable the feature (this is the default): - trigger-selector: "" - - # Use an empty object as string to enable for all triggers - trigger-selector: "{}" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "0492ceb0" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none". the default is "none" - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: eventing-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/high-availability: "true" - app.kubernetes.io/component: eventing-controller - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - app: eventing-controller - template: - metadata: - labels: - app: eventing-controller - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/component: eventing-controller - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: eventing-controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-controller - enableServiceLinks: false - containers: - - name: eventing-controller - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/controller@sha256:21be5dd3b6844df31f67d575e0bf6a69a976394df910bacd3ffe899d6431313b - resources: - requests: - cpu: 100m - memory: 100Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/eventing - # APIServerSource - - name: APISERVER_RA_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing/cmd/apiserver_receive_adapter@sha256:9b658a20bd9f500ab959af8322197c7416dd4bcee1d2eb994333f0ee1892067e - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - ## Adapter settings - # - name: K_LOGGING_CONFIG - # value: '' - # - name: K_LEADER_ELECTION_CONFIG - # value: '' - # - name: K_NO_SHUTDOWN_AFTER - # value: '' - ## Time in seconds the adapter will wait for the sink to respond. Default is no timeout - # - name: K_SINK_TIMEOUT - # value: '' - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - livenessProbe: - httpGet: - path: /health - port: probes - scheme: HTTP - initialDelaySeconds: 20 - periodSeconds: 10 - timeoutSeconds: 5 - readinessProbe: - httpGet: - path: /readiness - port: probes - scheme: HTTP - initialDelaySeconds: 20 - periodSeconds: 10 - timeoutSeconds: 5 - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: probes - containerPort: 8080 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: pingsource-mt-adapter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/component: pingsource-mt-adapter - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - # when set to 0 (and only 0) will be set to 1 when the first PingSource is created. - replicas: 0 - selector: - matchLabels: &labels - eventing.knative.dev/source: ping-source-controller - sources.knative.dev/role: adapter - template: - metadata: - labels: - !!merge <<: *labels - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/component: pingsource-mt-adapter - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - enableServiceLinks: false - containers: - - name: dispatcher - image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtping@sha256:094ea7f60792550dd894253df0204cba7c3706be845299840f932faf05709a59 - env: - - name: SYSTEM_NAMESPACE - value: '' - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: NAMESPACE - value: '' - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - # DO NOT MODIFY: The values below are being filled by the ping source controller - # See 500-controller.yaml - - name: K_METRICS_CONFIG - value: '' - - name: K_LOGGING_CONFIG - value: '' - - name: K_LEADER_ELECTION_CONFIG - value: '' - - name: K_NO_SHUTDOWN_AFTER - value: '' - - name: K_SINK_TIMEOUT - value: '-1' - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - ports: - - containerPort: 9090 - name: metrics - protocol: TCP - resources: - requests: - cpu: 125m - memory: 64Mi - limits: - cpu: 1000m - memory: 2048Mi - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - serviceAccountName: pingsource-mt-adapter - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: eventing-webhook - minReplicas: 1 - maxReplicas: 5 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 100 ---- -# Webhook PDB. -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - minAvailable: 80% - selector: - matchLabels: - app: eventing-webhook - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - app: eventing-webhook - role: eventing-webhook - template: - metadata: - labels: - !!merge <<: *labels - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: eventing-webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-webhook - enableServiceLinks: false - containers: - - name: eventing-webhook - terminationMessagePolicy: FallbackToLogsOnError - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/eventing/cmd/webhook@sha256:98c1c3a0ae805d8ed43f0b89b131f4bfed7e83f27d67a4d75c204b69cafb36ef - resources: - requests: - # taken from serving. - cpu: 100m - memory: 50Mi - limits: - # taken from serving. - cpu: 200m - memory: 200Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: METRICS_DOMAIN - value: knative.dev/eventing - - name: WEBHOOK_NAME - value: eventing-webhook - - name: WEBHOOK_PORT - value: "8443" - # SINK_BINDING_SELECTION_MODE specifies the NamespaceSelector and ObjectSelector - # for the sinkbinding webhook. - # If `inclusion` is selected, namespaces/objects labelled as `bindings.knative.dev/include:true` - # will be considered by the sinkbinding webhook; - # If `exclusion` is selected, namespaces/objects labelled as `bindings.knative.dev/exclude:true` - # will NOT be considered by the sinkbinding webhook. - # The default is `exclusion`. - - name: SINK_BINDING_SELECTION_MODE - value: "exclusion" - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: https-webhook - containerPort: 8443 - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - readinessProbe: &probe - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 120 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/release: "v1.8.4" - role: eventing-webhook - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - name: eventing-webhook - namespace: knative-eventing -spec: - ports: - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: eventing-webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - eventing.knative.dev/release: "v1.8.4" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.apiserver.resource.add" }, - { "type": "dev.knative.apiserver.resource.delete" }, - { "type": "dev.knative.apiserver.resource.update" }, - { "type": "dev.knative.apiserver.ref.add" }, - { "type": "dev.knative.apiserver.ref.delete" }, - { "type": "dev.knative.apiserver.ref.update" } - ] - name: apiserversources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ApiServerSource is an event source that brings Kubernetes API server events into Knative.' - type: object - properties: - spec: - type: object - required: - - resources - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - mode: - description: EventMode controls the format of the event. `Reference` sends a dataref event type for the resource under watch. `Resource` send the full resource lifecycle event. Defaults to `Reference` - type: string - owner: - description: ResourceOwner is an additional filter to only track resources that are owned by a specific resource type. If ResourceOwner matches Resources[n] then Resources[n] is allowed to pass the ResourceOwner filter. - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - resources: - description: Resource are the resources this source will track and send related lifecycle events from the Kubernetes ApiServer, with an optional label selector to help filter. - type: array - items: - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - selector: - description: 'LabelSelector filters this source to objects to those resources pass the label selector. More info: http://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount to use to run this source. Defaults to default if not set. - type: string - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - categories: - - all - - knative - - sources - kind: ApiServerSource - plural: apiserversources - singular: apiserversource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: brokers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Broker collects a pool of events that are consumable using Triggers. Brokers provide a well-known endpoint for event delivery that senders can use with minimal knowledge of the event routing strategy. Subscribers use Triggers to request delivery of events from a Broker''s pool to a specific URL or Addressable endpoint.' - type: object - properties: - spec: - description: Spec defines the desired state of the Broker. - type: object - properties: - config: - description: Config is a KReference to the configuration that specifies configuration options for this Broker. For example, this could be a pointer to a ConfigMap. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - delivery: - description: Delivery contains the delivery spec for each trigger to this Broker. Each trigger delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - status: - description: Status represents the current state of the Broker. This data may be out of date. - type: object - properties: - address: - description: Broker is Addressable. It exposes the endpoint as an URI to get events delivered into the Broker mesh. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Broker - plural: brokers - singular: broker - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: channels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Channel represents a generic Channel. It is normally used when we want a Channel, but do not need a specific Channel implementation.' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use to create the CRD Channel backing this Channel. This is immutable after creation. Normally this is set by the Channel defaulter, not directly by the user. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channel: - description: Channel is an KReference to the Channel CRD backing this Channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - names: - kind: Channel - plural: channels - singular: channel - categories: - - all - - knative - - messaging - - channel - shortNames: - - ch - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.4" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - name: containersources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ContainerSource is an event source that starts a container image which generates events under certain situations and sends messages to a sink URI' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - # WARNING: the schema tool can not parse PodTemplateSpec, stub here and redirect to Deployment documentation. - template: - type: object - x-kubernetes-preserve-unknown-fields: true - description: 'A template in the shape of `Deployment.spec.template` to be used for this ContainerSource. More info: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/' - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - kind: ContainerSource - plural: containersources - singular: containersource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventtypes.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'EventType represents a type of event that can be consumed from a Broker.' - properties: - spec: - description: 'Spec defines the desired state of the EventType.' - type: object - properties: - broker: - type: string - description: - description: 'Description is an optional field used to describe the EventType, in any meaningful way.' - type: string - schema: - description: 'Schema is a URI, it represents the CloudEvents schemaurl extension attribute. It may be a JSON schema, a protobuf schema, etc. It is optional.' - type: string - schemaData: - description: 'SchemaData allows the CloudEvents schema to be stored directly in the EventType. Content is dependent on the encoding. Optional attribute. The contents are not validated or manipulated by the system.' - type: string - source: - description: 'Source is a URI, it represents the CloudEvents source.' - type: string - type: - description: 'Type represents the CloudEvents type. It is authoritative.' - type: string - status: - description: 'Status represents the current state of the EventType. This data may be out of date.' - type: object - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the ''Generation'' of the Service that was last processed by the controller.' - type: integer - format: int64 - additionalPrinterColumns: - - name: Type - type: string - jsonPath: ".spec.type" - - name: Source - type: string - jsonPath: ".spec.source" - - name: Schema - type: string - jsonPath: ".spec.schema" - - name: Broker - type: string - jsonPath: ".spec.broker" - - name: Description - type: string - jsonPath: ".spec.description" - # TODO remove Status https://github.com/knative/eventing/issues/2750 - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: EventType - plural: eventtypes - singular: eventtype - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: parallels.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Parallel defines conditional branches that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Parallel. - type: object - properties: - branches: - description: Branches is the list of Filter/Subscribers pairs. - type: array - items: - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: &addressableProperties - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - filter: - description: Filter is the expression guarding the branch - type: object - properties: - !!merge <<: *addressableProperties - reply: - description: Reply is a Reference to where the result of Subscriber of this case gets sent to. If not specified, sent the result to the Parallel Reply - type: object - properties: - !!merge <<: *addressableProperties - subscriber: - description: Subscriber receiving the event when the filter passes - type: object - properties: - !!merge <<: *addressableProperties - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of a case Subscriber gets sent to when the case does not have a Reply - type: object - properties: - !!merge <<: *addressableProperties - status: - description: Status represents the current state of the Parallel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - branchStatuses: - description: BranchStatuses is an array of corresponding to branch statuses. Matches the Spec.Branches array in the order. - type: array - items: - type: object - properties: - filterChannelStatus: - description: FilterChannelStatus corresponds to the filter channel status. - type: object - properties: &channelProperties - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: &referentProperties - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: &readyConditionProperties - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - filterSubscriptionStatus: - description: FilterSubscriptionStatus corresponds to the filter subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - subscriberSubscriptionStatus: - description: SubscriptionStatus corresponds to the subscriber subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - properties: - !!merge <<: *readyConditionProperties - ingressChannelStatus: - description: IngressChannelStatus corresponds to the ingress channel status. - type: object - properties: - !!merge <<: *channelProperties - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Parallel - plural: parallels - singular: parallel - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.4" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.sources.ping" } - ] - name: pingsources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - &version - name: v1beta2 - served: true - storage: false - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'PingSource describes an event source with a fixed payload produced on a specified cron schedule.' - properties: - spec: - type: object - description: 'PingSourceSpec defines the desired state of the PingSource (from the client).' - properties: - ceOverrides: - description: 'CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink.' - type: object - properties: - extensions: - description: 'Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently.' - type: object - additionalProperties: - type: string - x-kubernetes-preserve-unknown-fields: true - contentType: - description: 'ContentType is the media type of `data` or `dataBase64`. Default is empty.' - type: string - data: - description: 'Data is data used as the body of the event posted to the sink. Default is empty. Mutually exclusive with `dataBase64`.' - type: string - dataBase64: - description: "DataBase64 is the base64-encoded string of the actual event's body posted to the sink. Default is empty. Mutually exclusive with `data`." - type: string - schedule: - description: 'Schedule is the cron schedule. Defaults to `* * * * *`.' - type: string - sink: - description: 'Sink is a reference to an object that will resolve to a uri to use as the sink.' - type: object - properties: - ref: - description: 'Ref points to an Addressable.' - type: object - properties: - apiVersion: - description: 'API version of the referent.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: 'URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.' - type: string - timezone: - description: 'Timezone modifies the actual time relative to the specified timezone. Defaults to the system time zone. More general information about time zones: https://www.iana.org/time-zones List of valid timezone values: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones' - type: string - status: - type: object - description: 'PingSourceStatus defines the observed state of PingSource (from the controller).' - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: 'CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents.' - type: array - items: - type: object - properties: - source: - description: 'Source is the CloudEvents source attribute.' - type: string - type: - description: 'Type refers to the CloudEvent type attribute.' - type: string - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the "Generation" of the Service that was last processed by the controller.' - type: integer - format: int64 - sinkUri: - description: 'SinkURI is the current active sink URI that has been configured for the Source.' - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: .status.sinkUri - - name: Schedule - type: string - jsonPath: .spec.schedule - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - !!merge <<: *version - name: v1 - served: true - storage: true - # v1 schema is identical to the v1beta2 schema - names: - categories: - - all - - knative - - sources - kind: PingSource - plural: pingsources - singular: pingsource - scope: Namespaced - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sequences.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Sequence defines a sequence of Subscribers that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Sequence. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of the last Subscriber gets sent to. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - steps: - description: Steps is the list of Destinations (processors / functions) that will be called in the order provided. Each step has its own delivery options - type: array - items: - type: object - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Sequence. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channelStatuses: - description: ChannelStatuses is an array of corresponding Channel statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriptionStatuses: - description: SubscriptionStatuses is an array of corresponding Subscription statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Sequence - plural: sequences - singular: sequence - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.4" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - duck.knative.dev/binding: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - name: sinkbindings.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'SinkBinding describes a Binding that is also a Source. The `sink` (from the Source duck) is resolved to a URL and then projected into the `subject` by augmenting the runtime contract of the referenced containers to have a `K_SINK` environment variable holding the endpoint to which to send cloud events.' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subject: - description: Subject references the resource(s) whose "runtime contract" should be augmented by Binding implementations. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. Mutually exclusive with Selector. - type: string - namespace: - description: Namespace of the referent. - type: string - selector: - description: Selector of the referents. Mutually exclusive with Name. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - - bindings - kind: SinkBinding - plural: sinkbindings - singular: sinkbinding - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: subscriptions.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Subscription routes events received on a Channel to a DNS name and corresponds to the subscriptions.channels.knative.dev CRD.' - type: object - properties: - spec: - type: object - properties: - channel: - description: 'Reference to a channel that will be used to create the subscription. You can specify only the following fields of the KReference: kind, apiVersion and name. The resource pointed by this KReference must meet the contract to the ChannelableSpec duck type. If the resource does not meet this contract it will be reflected in the Subscription''s status. This field is immutable. We have no good answer on what happens to the events that are currently in the channel being consumed from and what the semantics there should be. For now, you can always delete the Subscription and recreate it to point to a different channel, giving the user more control over what semantics should be used (drain the channel first, possibly have events dropped, etc.)' - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - delivery: - description: Delivery configuration - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - reply: - description: Reply specifies (optionally) how to handle events returned from the Subscriber target. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subscriber: - description: Subscriber is reference to (optional) function for processing events. Events from the Channel will be delivered here and replies are sent to a Destination as specified by the Reply. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - physicalSubscription: - description: PhysicalSubscription is the fully resolved values that this Subscription represents. - type: object - properties: - deadLetterSinkUri: - description: ReplyURI is the fully resolved URI for the spec.delivery.deadLetterSink. - type: string - replyUri: - description: ReplyURI is the fully resolved URI for the spec.reply. - type: string - subscriberUri: - description: SubscriberURI is the fully resolved URI for spec.subscriber. - type: string - additionalPrinterColumns: - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Subscription - plural: subscriptions - singular: subscription - categories: - - all - - knative - - messaging - shortNames: - - sub - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: triggers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Broker - type: string - jsonPath: .spec.broker - - name: Subscriber_URI - type: string - jsonPath: .status.subscriberUri - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Trigger represents a request to have events delivered to a subscriber from a Broker''s event pool.' - type: object - properties: - spec: - description: Spec defines the desired state of the Trigger. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - broker: - description: Broker is the broker that this trigger receives events from. - type: string - delivery: - description: Delivery contains the delivery spec for this specific trigger. - type: object - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - filter: - description: 'Filter is the filter to apply against all events from the Broker. Only events that pass this filter will be sent to the Subscriber. If not specified, will default to allowing all events. ' - type: object - properties: - attributes: - description: 'Attributes filters events by exact match on event context attributes. Each key in the map is compared with the equivalent key in the event context. An event passes the filter if all values are equal to the specified values. Nested context attributes are not supported as keys. Only string values are supported. ' - type: object - x-kubernetes-preserve-unknown-fields: true - subscriber: - description: Subscriber is the addressable that receives events from the Broker that pass the Filter. It is required. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Trigger. This data may be out of date. - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink for this Trigger, in case there is none this will fallback to it's Broker status DeadLetterSinkURI. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriberUri: - description: SubscriberURI is the resolved URI of the receiver for this Trigger. - type: string - names: - kind: Trigger - plural: triggers - singular: trigger - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "Addressables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/addressable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: service-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.4" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: serving-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.4" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - serving.knative.dev - resources: - - routes - - routes/status - - services - - services/status - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: channel-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.4" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - channels - - channels/status - verbs: - - get - - list - - watch - - apiGroups: - - messaging.knative.dev - resources: - - channels/finalizers - verbs: - - update ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: broker-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.4" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - eventing.knative.dev - resources: - - brokers - - brokers/status - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: flows-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.4" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - flows.knative.dev - resources: - - sequences - - sequences/status - - parallels - - parallels/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-broker-filter - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - - apiGroups: - - "eventing.knative.dev" - resources: - - "triggers" - - "triggers/status" - verbs: - - "get" - - "list" - - "watch" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-config-reader - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need read and update permissions on "Channelables". -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/channelable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: meta-channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.4" - duck.knative.dev/channelable: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "channelable-manipulator" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - channels - - channels/status - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.4" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-messaging-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.4" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["messaging.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-flows-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.4" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["flows.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-sources-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.4" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["sources.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-bindings-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.4" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["bindings.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-edit - labels: - rbac.authorization.k8s.io/aggregate-to-edit: "true" - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev", "messaging.knative.dev", "sources.knative.dev", "flows.knative.dev", "bindings.knative.dev"] - resources: ["*"] - verbs: ["create", "update", "patch", "delete"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-view - labels: - rbac.authorization.k8s.io/aggregate-to-view: "true" - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev", "messaging.knative.dev", "sources.knative.dev", "flows.knative.dev", "bindings.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-controller - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "namespaces" - - "secrets" - - "configmaps" - - "services" - - "endpoints" - - "events" - - "serviceaccounts" - - "pods" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # Brokers and the namespace annotation controllers manipulate Deployments. - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: *everything - # PingSource controller manipulates Deployment owner reference - - apiGroups: - - "apps" - resources: - - "deployments/finalizers" - verbs: - - "update" - # The namespace annotation controller needs to manipulate RoleBindings. - - apiGroups: - - "rbac.authorization.k8s.io" - resources: - - "rolebindings" - verbs: *everything - # Our own resources and statuses we care about. - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers" - - "brokers/status" - - "triggers" - - "triggers/status" - - "eventtypes" - - "eventtypes/status" - verbs: *everything - # Eventing resources and finalizers we care about. - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers/finalizers" - - "triggers/finalizers" - verbs: - - "update" - # Our own resources and statuses we care about. - - apiGroups: - - "messaging.knative.dev" - resources: - - "sequences" - - "sequences/status" - - "channels" - - "channels/status" - - "parallels" - - "parallels/status" - - "subscriptions" - - "subscriptions/status" - verbs: *everything - # Flow resources and statuses we care about. - - apiGroups: - - "flows.knative.dev" - resources: - - "sequences" - - "sequences/status" - - "parallels" - - "parallels/status" - verbs: *everything - # Messaging resources and finalizers we care about. - - apiGroups: - - "messaging.knative.dev" - resources: - - "sequences/finalizers" - - "parallels/finalizers" - - "channels/finalizers" - verbs: - - "update" - # Flows resources and finalizers we care about. - - apiGroups: - - "flows.knative.dev" - resources: - - "sequences/finalizers" - - "parallels/finalizers" - verbs: - - "update" - # The subscription controller needs to retrieve and watch CustomResourceDefinitions. - - apiGroups: - - "apiextensions.k8s.io" - resources: - - "customresourcedefinitions" - verbs: - - "get" - - "list" - - "watch" - # For leader election - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: *everything - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-pingsource-mt-adapter - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - - apiGroups: - - sources.knative.dev - resources: - - pingsources - - pingsources/status - verbs: - - get - - list - - watch - - patch - - apiGroups: - - sources.knative.dev - resources: - - pingsources/finalizers - verbs: - - "patch" - - apiGroups: - - "" - resources: - - events - verbs: - - "create" - - "patch" - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "PodSpecables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/podspecable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: builtin-podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.4" - duck.knative.dev/podspecable: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "podspecable-binding role. -rules: - # To patch the subjects of our bindings - - apiGroups: - - "apps" - resources: - - "deployments" - - "daemonsets" - - "statefulsets" - - "replicasets" - verbs: - - "list" - - "watch" - - "patch" - - apiGroups: - - "batch" - resources: - - "jobs" - verbs: - - "list" - - "watch" - - "patch" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need to read "Sources". -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: source-observer - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/source: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: eventing-sources-source-observer - labels: - eventing.knative.dev/release: "v1.8.4" - duck.knative.dev/source: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "source-observer" role. -rules: - - apiGroups: - - sources.knative.dev - resources: - - apiserversources - - pingsources - - sinkbindings - - containersources - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-sources-controller - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "secrets" - - "configmaps" - - "services" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # Deployments admin - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: *everything - # Source resources and statuses we care about. - - apiGroups: - - "sources.knative.dev" - resources: - - "sinkbindings" - - "sinkbindings/status" - - "sinkbindings/finalizers" - - "apiserversources" - - "apiserversources/status" - - "apiserversources/finalizers" - - "pingsources" - - "pingsources/status" - - "pingsources/finalizers" - - "containersources" - - "containersources/status" - - "containersources/finalizers" - verbs: *everything - # Knative Services admin - - apiGroups: - - serving.knative.dev - resources: - - services - verbs: *everything - # EventTypes admin - - apiGroups: - - eventing.knative.dev - resources: - - eventtypes - verbs: *everything - # Events admin - - apiGroups: - - "" - resources: - - events - verbs: *everything - # Authorization checker - - apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - # For watching logging configuration and getting certs. - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - # finalizers are needed for the owner reference of the webhook - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - # For getting our Deployment so we can decorate with ownerref. - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: - - "get" - - apiGroups: - - "apps" - resources: - - "deployments/finalizers" - verbs: - - update - # For actually registering our webhook. - - apiGroups: - - "admissionregistration.k8s.io" - resources: - - "mutatingwebhookconfigurations" - - "validatingwebhookconfigurations" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # For running the SinkBinding reconciler. - - apiGroups: - - "sources.knative.dev" - resources: - - "sinkbindings" - - "sinkbindings/status" - - "sinkbindings/finalizers" - verbs: *everything - # For leader election - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: *everything - # Necessary for conversion webhook. These are copied from the serving - # TODO: Do we really need all these permissions? - - apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: knative-eventing - name: knative-eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "secrets" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: config.webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Ignore - name: config.webhook.eventing.knative.dev - namespaceSelector: - matchExpressions: - - key: eventing.knative.dev/release - operator: Exists - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: webhook.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: validation.webhook.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: eventing-webhook-certs - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -# The data is populated at install time. - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: sinkbindings.webhook.sources.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - failurePolicy: Fail - sideEffects: None - name: sinkbindings.webhook.sources.knative.dev - timeoutSeconds: 10 - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.4/3-in-memory-channel.yaml b/cmd/operator/kodata/knative-eventing/1.8.4/3-in-memory-channel.yaml deleted file mode 100644 index b4f311ddd5..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.4/3-in-memory-channel.yaml +++ /dev/null @@ -1,1215 +0,0 @@ -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: imc-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: imc-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - namespace: knative-eventing - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: Role - name: knative-inmemorychannel-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-controller-resolver - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-dispatcher - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-dispatcher - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: imc-dispatcher - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-imc-event-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -data: - MaxIdleConnections: "1000" - MaxIdleConnectionsPerHost: "100" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f46cf09d" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or stackdriver. - # Note: Using stackdriver will incur additional charges - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. If non-empty, it enables queue proxy to send request metrics. - # Currently supported values: prometheus, stackdriver. - metrics.request-metrics-backend-destination: prometheus - - # metrics.stackdriver-project-id field specifies the stackdriver project ID. This - # field is optional. When running on GCE, application default credentials will be - # used if this field is not provided. - metrics.stackdriver-project-id: "" - - # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to - # Stackdriver using "global" resource type and custom metric type if the - # metrics are not supported by "knative_broker", "knative_trigger", and "knative_source" resource types. - # Setting this flag to "true" could cause extra Stackdriver charge. - # If metrics.backend-destination is not Stackdriver, this is ignored. - metrics.allow-stackdriver-custom-metrics: "false" - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Eventing pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - - # sink-event-error-reporting.enable whether the adapter reports a kube event to the CRD indicating - # a failure to send a cloud event to the sink. - sink-event-error-reporting.enable: "false" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "0492ceb0" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none". the default is "none" - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: imc-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/high-availability: "true" - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: controller - template: - metadata: - labels: - !!merge <<: *labels - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: imc-controller - enableServiceLinks: false - containers: - - name: controller - image: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_controller@sha256:ffd5710874d53f32de42d866f60a6601a2f01a127e1e2fe9d6a42189dc21e9c2 - env: - - name: WEBHOOK_NAME - value: inmemorychannel-webhook - - name: WEBHOOK_PORT - value: "8443" - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/inmemorychannel-controller - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: DISPATCHER_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_dispatcher@sha256:7d904a17ca3a03fb3283ff4d3ef5ac7aaf9924cb3fe026f762b4cc89364defc4 - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: &probe - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 120 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - eventing.knative.dev/release: "v1.8.4" - name: inmemorychannel-webhook - namespace: knative-eventing -spec: - ports: - - name: https-webhook - port: 443 - targetPort: 8443 - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - selector: - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: controller - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: Service -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - selector: - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - ports: - - name: http-dispatcher - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9090 - targetPort: 9090 - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/high-availability: "true" - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - template: - metadata: - labels: - !!merge <<: *labels - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: imc-dispatcher - enableServiceLinks: false - containers: - - name: dispatcher - image: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_dispatcher@sha256:7d904a17ca3a03fb3283ff4d3ef5ac7aaf9924cb3fe026f762b4cc89364defc4 - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - env: - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/inmemorychannel-dispatcher - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: CONTAINER_NAME - value: dispatcher - - name: MAX_IDLE_CONNS - value: "1000" - - name: MAX_IDLE_CONNS_PER_HOST - value: "1000" - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9090 - name: metrics - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: inmemorychannels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'InMemoryChannel is a resource representing an in memory channel' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter ref if one is specified in the Spec.Delivery. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: InMemoryChannel - plural: inmemorychannels - singular: inmemorychannel - categories: - - all - - knative - - messaging - - channel - shortNames: - - imc - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.4" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.4" - duck.knative.dev/channelable: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "channelable-manipulator" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - - update - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - verbs: - - update - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - - inmemorychannels/status - - inmemorychannels - verbs: - - patch - - apiGroups: - - "" - resources: - - services - - serviceaccounts - verbs: &everything - - get - - list - - watch - - create - - update - - patch - - apiGroups: - - "" - resources: - - endpoints - verbs: - - get - - list - - watch - - apiGroups: - - "rbac.authorization.k8s.io" - resources: - - rolebindings - verbs: *everything - - apiGroups: - - apps - resources: - - deployments - verbs: *everything - - apiGroups: - - apps - resources: - - deployments/status - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: *everything - # For actually registering our webhook. - - apiGroups: - - "admissionregistration.k8s.io" - resources: - - "mutatingwebhookconfigurations" - - "validatingwebhookconfigurations" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - # finalizers are needed for the owner reference of the webhook - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-dispatcher - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - - apiGroups: - - "" # Core API group. - resources: - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - # Updates the finalizer so we can remove our handlers when channel is deleted - # Patches the status.subscribers to reflect when the subscription dataplane has been - # configured. - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - - inmemorychannels/status - - inmemorychannels - verbs: - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: knative-eventing - name: knative-inmemorychannel-webhook - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "secrets" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: inmemorychannel.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1"] - clientConfig: - service: - name: inmemorychannel-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: inmemorychannel.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.inmemorychannel.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1"] - clientConfig: - service: - name: inmemorychannel-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: validation.inmemorychannel.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: inmemorychannel-webhook-certs - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -# The data is populated at install time. - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.4/4-mt-channel-broker.yaml b/cmd/operator/kodata/knative-eventing/1.8.4/4-mt-channel-broker.yaml deleted file mode 100644 index 7825e1b824..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.4/4-mt-channel-broker.yaml +++ /dev/null @@ -1,675 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-channel-broker-controller - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - # Configs resources and status we care about. - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-broker-filter - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - eventing.knative.dev - resources: - - triggers - - triggers/status - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - get - - list - - watch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mt-broker-filter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - eventing.knative.dev - resources: - - brokers - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - get - - list - - watch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mt-broker-ingress - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-mt-channel-broker-controller - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-channel-broker-controller - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-mt-broker-filter - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: mt-broker-filter - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-broker-filter - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-mt-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: mt-broker-ingress - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-broker-ingress - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-filter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - eventing.knative.dev/brokerRole: filter - template: - metadata: - labels: - eventing.knative.dev/brokerRole: filter - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - spec: - serviceAccountName: mt-broker-filter - enableServiceLinks: false - containers: - - name: filter - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/filter@sha256:da62df1f9a8eefdf514f9f18c6156738d37140b7fe420665fbdb1d68211c6c62 - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - resources: - requests: - cpu: 100m - memory: 100Mi - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9092 - name: metrics - protocol: TCP - terminationMessagePath: /dev/termination-log - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: CONTAINER_NAME - value: filter - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/internal/eventing - - name: FILTER_PORT - value: "8080" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/brokerRole: filter - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - name: broker-filter - namespace: knative-eventing -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9092 - protocol: TCP - targetPort: 9092 - selector: - eventing.knative.dev/brokerRole: filter - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-ingress - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - eventing.knative.dev/brokerRole: ingress - template: - metadata: - labels: - eventing.knative.dev/brokerRole: ingress - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - spec: - serviceAccountName: mt-broker-ingress - enableServiceLinks: false - containers: - - name: ingress - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/ingress@sha256:64939c2c2914e6bbdbbad2366613744f0b950fcc792bf1dd38c9ccaca5b2aa4f - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - resources: - requests: - cpu: 100m - memory: 100Mi - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9092 - name: metrics - protocol: TCP - terminationMessagePath: /dev/termination-log - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: CONTAINER_NAME - value: ingress - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/internal/eventing - - name: INGRESS_PORT - value: "8080" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/brokerRole: ingress - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - name: broker-ingress - namespace: knative-eventing -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9092 - protocol: TCP - targetPort: 9092 - selector: - eventing.knative.dev/brokerRole: ingress - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/component: mt-broker-controller - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - app: mt-broker-controller - template: - metadata: - labels: - app: mt-broker-controller - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/component: broker-controller - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: mt-broker-controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-controller - enableServiceLinks: false - containers: - - name: mt-broker-controller - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtchannel_broker@sha256:76fe227f90936800872e4667424339ca80796553aa86b592d86fbb180e6cb986 - resources: - requests: - cpu: 100m - memory: 100Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/eventing - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: broker-ingress-hpa - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: mt-broker-ingress - minReplicas: 1 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 ---- -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: broker-filter-hpa - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: mt-broker-filter - minReplicas: 1 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.4/5-eventing-post-install.yaml b/cmd/operator/kodata/knative-eventing/1.8.4/5-eventing-post-install.yaml deleted file mode 100644 index b8ec7b9441..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.4/5-eventing-post-install.yaml +++ /dev/null @@ -1,231 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-post-install-job-role - labels: - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing - eventing.knative.dev/release: "v1.8.4" -rules: - # Storage version upgrader needs to be able to patch CRDs. - - apiGroups: - - "apiextensions.k8s.io" - resources: - - "customresourcedefinitions" - - "customresourcedefinitions/status" - verbs: - - "get" - - "list" - - "update" - - "patch" - - "watch" - # Our own resources we care about. - - apiGroups: - - "sources.knative.dev" - resources: - - "apiserversources" - - "apiserversources/finalizers" - - "apiserversources/status" - - "containersources" - - "containersources/finalizers" - - "containersources/status" - - "pingsources" - - "pingsources/finalizers" - - "pingsources/status" - - "sinkbindings" - - "sinkbindings/finalizers" - - "sinkbindings/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers" - - "brokers/finalizers" - - "brokers/status" - - "eventtypes" - - "eventtypes/finalizers" - - "eventtypes/status" - - "triggers" - - "triggers/finalizers" - - "triggers/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "messaging.knative.dev" - resources: - - "channels" - - "channels/finalizers" - - "channels/status" - - "inmemorychannels" - - "inmemorychannels/finalizers" - - "inmemorychannels/status" - - "subscriptions" - - "subscriptions/finalizers" - - "subscriptions/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "flows.knative.dev" - resources: - - "parallels" - - "parallels/finalizers" - - "parallels/status" - - "sequences" - - "sequences/finalizers" - - "sequences/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "list" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: knative-eventing-post-install-job - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-post-install-job-role-binding - labels: - eventing.knative.dev/release: "v1.8.4" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: knative-eventing-post-install-job - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-post-install-job-role - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: batch/v1 -kind: Job -metadata: - generateName: storage-version-migration-eventing- - namespace: knative-eventing - labels: - app: "storage-version-migration-eventing" - app.kubernetes.io/name: knative-eventing - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.4" - eventing.knative.dev/release: "v1.8.4" -spec: - ttlSecondsAfterFinished: 600 - backoffLimit: 10 - template: - metadata: - labels: - app: "storage-version-migration-eventing" - app.kubernetes.io/name: knative-eventing - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.4" - eventing.knative.dev/release: "v1.8.4" - annotations: - sidecar.istio.io/inject: "false" - spec: - serviceAccountName: knative-eventing-post-install-job - restartPolicy: OnFailure - containers: - - name: migrate - image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:4f235e634da6e5bcde3a1b08ca61b80dd9886bf5889962f4feecaaebe02d3ce8 - args: - - "apiserversources.sources.knative.dev" - - "brokers.eventing.knative.dev" - - "channels.messaging.knative.dev" - - "containersources.sources.knative.dev" - - "eventtypes.eventing.knative.dev" - - "inmemorychannels.messaging.knative.dev" - - "parallels.flows.knative.dev" - - "pingsources.sources.knative.dev" - - "sequences.flows.knative.dev" - - "sinkbindings.sources.knative.dev" - - "subscriptions.messaging.knative.dev" - - "triggers.eventing.knative.dev" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.5/1-eventing-crds.yaml b/cmd/operator/kodata/knative-eventing/1.8.5/1-eventing-crds.yaml deleted file mode 100644 index d489e96732..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.5/1-eventing-crds.yaml +++ /dev/null @@ -1,2296 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - eventing.knative.dev/release: "v1.8.5" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.apiserver.resource.add" }, - { "type": "dev.knative.apiserver.resource.delete" }, - { "type": "dev.knative.apiserver.resource.update" }, - { "type": "dev.knative.apiserver.ref.add" }, - { "type": "dev.knative.apiserver.ref.delete" }, - { "type": "dev.knative.apiserver.ref.update" } - ] - name: apiserversources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ApiServerSource is an event source that brings Kubernetes API server events into Knative.' - type: object - properties: - spec: - type: object - required: - - resources - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - mode: - description: EventMode controls the format of the event. `Reference` sends a dataref event type for the resource under watch. `Resource` send the full resource lifecycle event. Defaults to `Reference` - type: string - owner: - description: ResourceOwner is an additional filter to only track resources that are owned by a specific resource type. If ResourceOwner matches Resources[n] then Resources[n] is allowed to pass the ResourceOwner filter. - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - resources: - description: Resource are the resources this source will track and send related lifecycle events from the Kubernetes ApiServer, with an optional label selector to help filter. - type: array - items: - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - selector: - description: 'LabelSelector filters this source to objects to those resources pass the label selector. More info: http://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount to use to run this source. Defaults to default if not set. - type: string - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - categories: - - all - - knative - - sources - kind: ApiServerSource - plural: apiserversources - singular: apiserversource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: brokers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Broker collects a pool of events that are consumable using Triggers. Brokers provide a well-known endpoint for event delivery that senders can use with minimal knowledge of the event routing strategy. Subscribers use Triggers to request delivery of events from a Broker''s pool to a specific URL or Addressable endpoint.' - type: object - properties: - spec: - description: Spec defines the desired state of the Broker. - type: object - properties: - config: - description: Config is a KReference to the configuration that specifies configuration options for this Broker. For example, this could be a pointer to a ConfigMap. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - delivery: - description: Delivery contains the delivery spec for each trigger to this Broker. Each trigger delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - status: - description: Status represents the current state of the Broker. This data may be out of date. - type: object - properties: - address: - description: Broker is Addressable. It exposes the endpoint as an URI to get events delivered into the Broker mesh. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Broker - plural: brokers - singular: broker - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: channels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Channel represents a generic Channel. It is normally used when we want a Channel, but do not need a specific Channel implementation.' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use to create the CRD Channel backing this Channel. This is immutable after creation. Normally this is set by the Channel defaulter, not directly by the user. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channel: - description: Channel is an KReference to the Channel CRD backing this Channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - names: - kind: Channel - plural: channels - singular: channel - categories: - - all - - knative - - messaging - - channel - shortNames: - - ch - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.5" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - name: containersources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ContainerSource is an event source that starts a container image which generates events under certain situations and sends messages to a sink URI' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - # WARNING: the schema tool can not parse PodTemplateSpec, stub here and redirect to Deployment documentation. - template: - type: object - x-kubernetes-preserve-unknown-fields: true - description: 'A template in the shape of `Deployment.spec.template` to be used for this ContainerSource. More info: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/' - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - kind: ContainerSource - plural: containersources - singular: containersource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventtypes.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'EventType represents a type of event that can be consumed from a Broker.' - properties: - spec: - description: 'Spec defines the desired state of the EventType.' - type: object - properties: - broker: - type: string - description: - description: 'Description is an optional field used to describe the EventType, in any meaningful way.' - type: string - schema: - description: 'Schema is a URI, it represents the CloudEvents schemaurl extension attribute. It may be a JSON schema, a protobuf schema, etc. It is optional.' - type: string - schemaData: - description: 'SchemaData allows the CloudEvents schema to be stored directly in the EventType. Content is dependent on the encoding. Optional attribute. The contents are not validated or manipulated by the system.' - type: string - source: - description: 'Source is a URI, it represents the CloudEvents source.' - type: string - type: - description: 'Type represents the CloudEvents type. It is authoritative.' - type: string - status: - description: 'Status represents the current state of the EventType. This data may be out of date.' - type: object - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the ''Generation'' of the Service that was last processed by the controller.' - type: integer - format: int64 - additionalPrinterColumns: - - name: Type - type: string - jsonPath: ".spec.type" - - name: Source - type: string - jsonPath: ".spec.source" - - name: Schema - type: string - jsonPath: ".spec.schema" - - name: Broker - type: string - jsonPath: ".spec.broker" - - name: Description - type: string - jsonPath: ".spec.description" - # TODO remove Status https://github.com/knative/eventing/issues/2750 - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: EventType - plural: eventtypes - singular: eventtype - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: parallels.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Parallel defines conditional branches that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Parallel. - type: object - properties: - branches: - description: Branches is the list of Filter/Subscribers pairs. - type: array - items: - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: &addressableProperties - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - filter: - description: Filter is the expression guarding the branch - type: object - properties: - !!merge <<: *addressableProperties - reply: - description: Reply is a Reference to where the result of Subscriber of this case gets sent to. If not specified, sent the result to the Parallel Reply - type: object - properties: - !!merge <<: *addressableProperties - subscriber: - description: Subscriber receiving the event when the filter passes - type: object - properties: - !!merge <<: *addressableProperties - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of a case Subscriber gets sent to when the case does not have a Reply - type: object - properties: - !!merge <<: *addressableProperties - status: - description: Status represents the current state of the Parallel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - branchStatuses: - description: BranchStatuses is an array of corresponding to branch statuses. Matches the Spec.Branches array in the order. - type: array - items: - type: object - properties: - filterChannelStatus: - description: FilterChannelStatus corresponds to the filter channel status. - type: object - properties: &channelProperties - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: &referentProperties - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: &readyConditionProperties - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - filterSubscriptionStatus: - description: FilterSubscriptionStatus corresponds to the filter subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - subscriberSubscriptionStatus: - description: SubscriptionStatus corresponds to the subscriber subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - properties: - !!merge <<: *readyConditionProperties - ingressChannelStatus: - description: IngressChannelStatus corresponds to the ingress channel status. - type: object - properties: - !!merge <<: *channelProperties - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Parallel - plural: parallels - singular: parallel - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.5" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.sources.ping" } - ] - name: pingsources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - &version - name: v1beta2 - served: true - storage: false - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'PingSource describes an event source with a fixed payload produced on a specified cron schedule.' - properties: - spec: - type: object - description: 'PingSourceSpec defines the desired state of the PingSource (from the client).' - properties: - ceOverrides: - description: 'CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink.' - type: object - properties: - extensions: - description: 'Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently.' - type: object - additionalProperties: - type: string - x-kubernetes-preserve-unknown-fields: true - contentType: - description: 'ContentType is the media type of `data` or `dataBase64`. Default is empty.' - type: string - data: - description: 'Data is data used as the body of the event posted to the sink. Default is empty. Mutually exclusive with `dataBase64`.' - type: string - dataBase64: - description: "DataBase64 is the base64-encoded string of the actual event's body posted to the sink. Default is empty. Mutually exclusive with `data`." - type: string - schedule: - description: 'Schedule is the cron schedule. Defaults to `* * * * *`.' - type: string - sink: - description: 'Sink is a reference to an object that will resolve to a uri to use as the sink.' - type: object - properties: - ref: - description: 'Ref points to an Addressable.' - type: object - properties: - apiVersion: - description: 'API version of the referent.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: 'URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.' - type: string - timezone: - description: 'Timezone modifies the actual time relative to the specified timezone. Defaults to the system time zone. More general information about time zones: https://www.iana.org/time-zones List of valid timezone values: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones' - type: string - status: - type: object - description: 'PingSourceStatus defines the observed state of PingSource (from the controller).' - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: 'CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents.' - type: array - items: - type: object - properties: - source: - description: 'Source is the CloudEvents source attribute.' - type: string - type: - description: 'Type refers to the CloudEvent type attribute.' - type: string - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the "Generation" of the Service that was last processed by the controller.' - type: integer - format: int64 - sinkUri: - description: 'SinkURI is the current active sink URI that has been configured for the Source.' - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: .status.sinkUri - - name: Schedule - type: string - jsonPath: .spec.schedule - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - !!merge <<: *version - name: v1 - served: true - storage: true - # v1 schema is identical to the v1beta2 schema - names: - categories: - - all - - knative - - sources - kind: PingSource - plural: pingsources - singular: pingsource - scope: Namespaced - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sequences.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Sequence defines a sequence of Subscribers that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Sequence. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of the last Subscriber gets sent to. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - steps: - description: Steps is the list of Destinations (processors / functions) that will be called in the order provided. Each step has its own delivery options - type: array - items: - type: object - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Sequence. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channelStatuses: - description: ChannelStatuses is an array of corresponding Channel statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriptionStatuses: - description: SubscriptionStatuses is an array of corresponding Subscription statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Sequence - plural: sequences - singular: sequence - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.5" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - duck.knative.dev/binding: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - name: sinkbindings.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'SinkBinding describes a Binding that is also a Source. The `sink` (from the Source duck) is resolved to a URL and then projected into the `subject` by augmenting the runtime contract of the referenced containers to have a `K_SINK` environment variable holding the endpoint to which to send cloud events.' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subject: - description: Subject references the resource(s) whose "runtime contract" should be augmented by Binding implementations. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. Mutually exclusive with Selector. - type: string - namespace: - description: Namespace of the referent. - type: string - selector: - description: Selector of the referents. Mutually exclusive with Name. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - - bindings - kind: SinkBinding - plural: sinkbindings - singular: sinkbinding - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: subscriptions.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Subscription routes events received on a Channel to a DNS name and corresponds to the subscriptions.channels.knative.dev CRD.' - type: object - properties: - spec: - type: object - properties: - channel: - description: 'Reference to a channel that will be used to create the subscription. You can specify only the following fields of the KReference: kind, apiVersion and name. The resource pointed by this KReference must meet the contract to the ChannelableSpec duck type. If the resource does not meet this contract it will be reflected in the Subscription''s status. This field is immutable. We have no good answer on what happens to the events that are currently in the channel being consumed from and what the semantics there should be. For now, you can always delete the Subscription and recreate it to point to a different channel, giving the user more control over what semantics should be used (drain the channel first, possibly have events dropped, etc.)' - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - delivery: - description: Delivery configuration - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - reply: - description: Reply specifies (optionally) how to handle events returned from the Subscriber target. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subscriber: - description: Subscriber is reference to (optional) function for processing events. Events from the Channel will be delivered here and replies are sent to a Destination as specified by the Reply. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - physicalSubscription: - description: PhysicalSubscription is the fully resolved values that this Subscription represents. - type: object - properties: - deadLetterSinkUri: - description: ReplyURI is the fully resolved URI for the spec.delivery.deadLetterSink. - type: string - replyUri: - description: ReplyURI is the fully resolved URI for the spec.reply. - type: string - subscriberUri: - description: SubscriberURI is the fully resolved URI for spec.subscriber. - type: string - additionalPrinterColumns: - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Subscription - plural: subscriptions - singular: subscription - categories: - - all - - knative - - messaging - shortNames: - - sub - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: triggers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Broker - type: string - jsonPath: .spec.broker - - name: Subscriber_URI - type: string - jsonPath: .status.subscriberUri - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Trigger represents a request to have events delivered to a subscriber from a Broker''s event pool.' - type: object - properties: - spec: - description: Spec defines the desired state of the Trigger. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - broker: - description: Broker is the broker that this trigger receives events from. - type: string - delivery: - description: Delivery contains the delivery spec for this specific trigger. - type: object - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - filter: - description: 'Filter is the filter to apply against all events from the Broker. Only events that pass this filter will be sent to the Subscriber. If not specified, will default to allowing all events. ' - type: object - properties: - attributes: - description: 'Attributes filters events by exact match on event context attributes. Each key in the map is compared with the equivalent key in the event context. An event passes the filter if all values are equal to the specified values. Nested context attributes are not supported as keys. Only string values are supported. ' - type: object - x-kubernetes-preserve-unknown-fields: true - subscriber: - description: Subscriber is the addressable that receives events from the Broker that pass the Filter. It is required. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Trigger. This data may be out of date. - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink for this Trigger, in case there is none this will fallback to it's Broker status DeadLetterSinkURI. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriberUri: - description: SubscriberURI is the resolved URI of the receiver for this Trigger. - type: string - names: - kind: Trigger - plural: triggers - singular: trigger - categories: - - all - - knative - - eventing - scope: Namespaced - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.5/2-eventing-core.yaml b/cmd/operator/kodata/knative-eventing/1.8.5/2-eventing-core.yaml deleted file mode 100644 index c533e8278a..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.5/2-eventing-core.yaml +++ /dev/null @@ -1,4640 +0,0 @@ -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: Namespace -metadata: - name: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: eventing-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-resolver - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-source-observer - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: source-observer - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-sources-controller - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-sources-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-manipulator - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: channelable-manipulator - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: pingsource-mt-adapter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-pingsource-mt-adapter - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: pingsource-mt-adapter - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-pingsource-mt-adapter - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - namespace: knative-eventing - name: eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: Role - name: knative-eventing-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook-resolver - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook-podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: podspecable-binding - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-br-default-channel - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -data: - channel-template-spec: | - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-br-defaults - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -data: - # Configures the default for any Broker that does not specify a spec.config or Broker class. - default-br-config: | - clusterDefault: - brokerClass: MTChannelBasedBroker - apiVersion: v1 - kind: ConfigMap - name: config-br-default-channel - namespace: knative-eventing - delivery: - retry: 10 - backoffPolicy: exponential - backoffDelay: PT0.2S - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: default-ch-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -data: - # Configuration for defaulting channels that do not specify CRD implementations. - default-ch-config: | - clusterDefault: - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - namespaceDefaults: - some-namespace: - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-ping-defaults - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - annotations: - knative.dev/example-checksum: "9185c153" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Max number of bytes allowed to be sent for message excluding any - # base64 decoding. Default is no limit set for data - data-max-size: -1 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-features - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -data: - # ALPHA feature: The kreference-group allows you to use the Group field in KReferences. - # For more details: https://github.com/knative/eventing/issues/5086 - kreference-group: "disabled" - # ALPHA feature: The delivery-retryafter allows you to use the RetryAfter field in DeliverySpec. - # For more details: https://github.com/knative/eventing/issues/5811 - delivery-retryafter: "disabled" - # BETA feature: The delivery-timeout allows you to use the Timeout field in DeliverySpec. - # For more details: https://github.com/knative/eventing/issues/5148 - delivery-timeout: "enabled" - # ALPHA feature: The kreference-mapping allows you to map kreference onto templated URI - # For more details: https://github.com/knative/eventing/issues/5593 - kreference-mapping: "disabled" - # BETA feature: The subscriber-strict flag force subscriptions to define a subscriber - # For more details: https://github.com/knative/eventing/issues/5756 - strict-subscriber: "enabled" - # ALPHA feature: The new-trigger-filters flag allows you to use the new `filters` field - # in Trigger objects with its rich filtering capabilities. - # For more details: https://github.com/knative/eventing/issues/5204 - new-trigger-filters: "disabled" - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-kreference-mapping - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - annotations: - knative.dev/example-checksum: "7375dbe1" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - - # this is an example of mapping from pod to addressable-pod service - # the data key must be of the form "kind.version.group" - # the data value must be a valid URL. Valid template data are: - # - Name: reference name - # - Namespace: reference namespace - # - SystemNamespace: knative namespace - # - UID: reference UID - # - # Pod.v1: https://addressable-pod.{{ .SystemNamespace }}.svc.cluster.local/{{ .Name }} - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-leader-election - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f7948630" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # lease-duration is how long non-leaders will wait to try to acquire the - # lock; 15 seconds is the value used by core kubernetes controllers. - lease-duration: "15s" - - # renew-deadline is how long a leader will try to renew the lease before - # giving up; 10 seconds is the value used by core kubernetes controllers. - renew-deadline: "10s" - - # retry-period is how long the leader election client waits between tries of - # actions; 2 seconds is the value used by core kubernetes controllers. - retry-period: "2s" - - # buckets is the number of buckets used to partition key space of each - # Reconciler. If this number is M and the replica number of the controller - # is N, the N replicas will compete for the M buckets. The owner of a - # bucket will take care of the reconciling for the keys partitioned into - # that bucket. - buckets: "1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-logging - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -data: - # Common configuration for all Knative codebase - zap-logger-config: | - { - "level": "info", - "development": false, - "outputPaths": ["stdout"], - "errorOutputPaths": ["stderr"], - "encoding": "json", - "encoderConfig": { - "timeKey": "ts", - "levelKey": "level", - "nameKey": "logger", - "callerKey": "caller", - "messageKey": "msg", - "stacktraceKey": "stacktrace", - "lineEnding": "", - "levelEncoder": "", - "timeEncoder": "iso8601", - "durationEncoder": "", - "callerEncoder": "" - } - } - # Log level overrides - # For all components changes are be picked up immediately. - loglevel.controller: "info" - loglevel.webhook: "info" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f46cf09d" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or stackdriver. - # Note: Using stackdriver will incur additional charges - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. If non-empty, it enables queue proxy to send request metrics. - # Currently supported values: prometheus, stackdriver. - metrics.request-metrics-backend-destination: prometheus - - # metrics.stackdriver-project-id field specifies the stackdriver project ID. This - # field is optional. When running on GCE, application default credentials will be - # used if this field is not provided. - metrics.stackdriver-project-id: "" - - # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to - # Stackdriver using "global" resource type and custom metric type if the - # metrics are not supported by "knative_broker", "knative_trigger", and "knative_source" resource types. - # Setting this flag to "true" could cause extra Stackdriver charge. - # If metrics.backend-destination is not Stackdriver, this is ignored. - metrics.allow-stackdriver-custom-metrics: "false" - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Eventing pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - - # sink-event-error-reporting.enable whether the adapter reports a kube event to the CRD indicating - # a failure to send a cloud event to the sink. - sink-event-error-reporting.enable: "false" - ---- -# Copyright 2022 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-sugar - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "62dfac6f" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # namespace-selector specifies a LabelSelector which - # determines which namespaces the Sugar Controller should operate upon - # Use an empty value to disable the feature (this is the default): - namespace-selector: "" - - # Use an empty object as a string to enable for all namespaces - namespace-selector: "{}" - - # trigger-selector specifies a LabelSelector which - # determines which triggers the Sugar Controller should operate upon - # Use an empty value to disable the feature (this is the default): - trigger-selector: "" - - # Use an empty object as string to enable for all triggers - trigger-selector: "{}" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "0492ceb0" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none". the default is "none" - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: eventing-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/high-availability: "true" - app.kubernetes.io/component: eventing-controller - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - app: eventing-controller - template: - metadata: - labels: - app: eventing-controller - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/component: eventing-controller - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: eventing-controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-controller - enableServiceLinks: false - containers: - - name: eventing-controller - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/controller@sha256:a7acb44c2b9a9604c3acb62f7b7f8bb235e3c4e6d366a5cb3dc029210351a01b - resources: - requests: - cpu: 100m - memory: 100Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/eventing - # APIServerSource - - name: APISERVER_RA_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing/cmd/apiserver_receive_adapter@sha256:ae928262a20121925967c5b9e1f5c25f7324aeb0c18557cda2d50c740c5a8e18 - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - ## Adapter settings - # - name: K_LOGGING_CONFIG - # value: '' - # - name: K_LEADER_ELECTION_CONFIG - # value: '' - # - name: K_NO_SHUTDOWN_AFTER - # value: '' - ## Time in seconds the adapter will wait for the sink to respond. Default is no timeout - # - name: K_SINK_TIMEOUT - # value: '' - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - livenessProbe: - httpGet: - path: /health - port: probes - scheme: HTTP - initialDelaySeconds: 20 - periodSeconds: 10 - timeoutSeconds: 5 - readinessProbe: - httpGet: - path: /readiness - port: probes - scheme: HTTP - initialDelaySeconds: 20 - periodSeconds: 10 - timeoutSeconds: 5 - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: probes - containerPort: 8080 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: pingsource-mt-adapter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/component: pingsource-mt-adapter - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - # when set to 0 (and only 0) will be set to 1 when the first PingSource is created. - replicas: 0 - selector: - matchLabels: &labels - eventing.knative.dev/source: ping-source-controller - sources.knative.dev/role: adapter - template: - metadata: - labels: - !!merge <<: *labels - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/component: pingsource-mt-adapter - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - enableServiceLinks: false - containers: - - name: dispatcher - image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtping@sha256:aa4524d8d7bea50866d311bab4ce69a201e0f27c856eccf29f7573b734e08537 - env: - - name: SYSTEM_NAMESPACE - value: '' - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: NAMESPACE - value: '' - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - # DO NOT MODIFY: The values below are being filled by the ping source controller - # See 500-controller.yaml - - name: K_METRICS_CONFIG - value: '' - - name: K_LOGGING_CONFIG - value: '' - - name: K_LEADER_ELECTION_CONFIG - value: '' - - name: K_NO_SHUTDOWN_AFTER - value: '' - - name: K_SINK_TIMEOUT - value: '-1' - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - ports: - - containerPort: 9090 - name: metrics - protocol: TCP - resources: - requests: - cpu: 125m - memory: 64Mi - limits: - cpu: 1000m - memory: 2048Mi - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - serviceAccountName: pingsource-mt-adapter - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: eventing-webhook - minReplicas: 1 - maxReplicas: 5 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 100 ---- -# Webhook PDB. -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - minAvailable: 80% - selector: - matchLabels: - app: eventing-webhook - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - app: eventing-webhook - role: eventing-webhook - template: - metadata: - labels: - !!merge <<: *labels - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: eventing-webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-webhook - enableServiceLinks: false - containers: - - name: eventing-webhook - terminationMessagePolicy: FallbackToLogsOnError - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/eventing/cmd/webhook@sha256:cfca809cd804ac18ba36d5c36c828fdf21110f1a383e4d6784db55820cea98af - resources: - requests: - # taken from serving. - cpu: 100m - memory: 50Mi - limits: - # taken from serving. - cpu: 200m - memory: 200Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: METRICS_DOMAIN - value: knative.dev/eventing - - name: WEBHOOK_NAME - value: eventing-webhook - - name: WEBHOOK_PORT - value: "8443" - # SINK_BINDING_SELECTION_MODE specifies the NamespaceSelector and ObjectSelector - # for the sinkbinding webhook. - # If `inclusion` is selected, namespaces/objects labelled as `bindings.knative.dev/include:true` - # will be considered by the sinkbinding webhook; - # If `exclusion` is selected, namespaces/objects labelled as `bindings.knative.dev/exclude:true` - # will NOT be considered by the sinkbinding webhook. - # The default is `exclusion`. - - name: SINK_BINDING_SELECTION_MODE - value: "exclusion" - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: https-webhook - containerPort: 8443 - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - readinessProbe: &probe - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 120 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/release: "v1.8.5" - role: eventing-webhook - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - name: eventing-webhook - namespace: knative-eventing -spec: - ports: - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: eventing-webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - eventing.knative.dev/release: "v1.8.5" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.apiserver.resource.add" }, - { "type": "dev.knative.apiserver.resource.delete" }, - { "type": "dev.knative.apiserver.resource.update" }, - { "type": "dev.knative.apiserver.ref.add" }, - { "type": "dev.knative.apiserver.ref.delete" }, - { "type": "dev.knative.apiserver.ref.update" } - ] - name: apiserversources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ApiServerSource is an event source that brings Kubernetes API server events into Knative.' - type: object - properties: - spec: - type: object - required: - - resources - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - mode: - description: EventMode controls the format of the event. `Reference` sends a dataref event type for the resource under watch. `Resource` send the full resource lifecycle event. Defaults to `Reference` - type: string - owner: - description: ResourceOwner is an additional filter to only track resources that are owned by a specific resource type. If ResourceOwner matches Resources[n] then Resources[n] is allowed to pass the ResourceOwner filter. - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - resources: - description: Resource are the resources this source will track and send related lifecycle events from the Kubernetes ApiServer, with an optional label selector to help filter. - type: array - items: - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - selector: - description: 'LabelSelector filters this source to objects to those resources pass the label selector. More info: http://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount to use to run this source. Defaults to default if not set. - type: string - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - categories: - - all - - knative - - sources - kind: ApiServerSource - plural: apiserversources - singular: apiserversource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: brokers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Broker collects a pool of events that are consumable using Triggers. Brokers provide a well-known endpoint for event delivery that senders can use with minimal knowledge of the event routing strategy. Subscribers use Triggers to request delivery of events from a Broker''s pool to a specific URL or Addressable endpoint.' - type: object - properties: - spec: - description: Spec defines the desired state of the Broker. - type: object - properties: - config: - description: Config is a KReference to the configuration that specifies configuration options for this Broker. For example, this could be a pointer to a ConfigMap. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - delivery: - description: Delivery contains the delivery spec for each trigger to this Broker. Each trigger delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - status: - description: Status represents the current state of the Broker. This data may be out of date. - type: object - properties: - address: - description: Broker is Addressable. It exposes the endpoint as an URI to get events delivered into the Broker mesh. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Broker - plural: brokers - singular: broker - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: channels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Channel represents a generic Channel. It is normally used when we want a Channel, but do not need a specific Channel implementation.' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use to create the CRD Channel backing this Channel. This is immutable after creation. Normally this is set by the Channel defaulter, not directly by the user. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channel: - description: Channel is an KReference to the Channel CRD backing this Channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - names: - kind: Channel - plural: channels - singular: channel - categories: - - all - - knative - - messaging - - channel - shortNames: - - ch - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.5" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - name: containersources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ContainerSource is an event source that starts a container image which generates events under certain situations and sends messages to a sink URI' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - # WARNING: the schema tool can not parse PodTemplateSpec, stub here and redirect to Deployment documentation. - template: - type: object - x-kubernetes-preserve-unknown-fields: true - description: 'A template in the shape of `Deployment.spec.template` to be used for this ContainerSource. More info: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/' - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - kind: ContainerSource - plural: containersources - singular: containersource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventtypes.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'EventType represents a type of event that can be consumed from a Broker.' - properties: - spec: - description: 'Spec defines the desired state of the EventType.' - type: object - properties: - broker: - type: string - description: - description: 'Description is an optional field used to describe the EventType, in any meaningful way.' - type: string - schema: - description: 'Schema is a URI, it represents the CloudEvents schemaurl extension attribute. It may be a JSON schema, a protobuf schema, etc. It is optional.' - type: string - schemaData: - description: 'SchemaData allows the CloudEvents schema to be stored directly in the EventType. Content is dependent on the encoding. Optional attribute. The contents are not validated or manipulated by the system.' - type: string - source: - description: 'Source is a URI, it represents the CloudEvents source.' - type: string - type: - description: 'Type represents the CloudEvents type. It is authoritative.' - type: string - status: - description: 'Status represents the current state of the EventType. This data may be out of date.' - type: object - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the ''Generation'' of the Service that was last processed by the controller.' - type: integer - format: int64 - additionalPrinterColumns: - - name: Type - type: string - jsonPath: ".spec.type" - - name: Source - type: string - jsonPath: ".spec.source" - - name: Schema - type: string - jsonPath: ".spec.schema" - - name: Broker - type: string - jsonPath: ".spec.broker" - - name: Description - type: string - jsonPath: ".spec.description" - # TODO remove Status https://github.com/knative/eventing/issues/2750 - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: EventType - plural: eventtypes - singular: eventtype - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: parallels.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Parallel defines conditional branches that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Parallel. - type: object - properties: - branches: - description: Branches is the list of Filter/Subscribers pairs. - type: array - items: - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: &addressableProperties - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - filter: - description: Filter is the expression guarding the branch - type: object - properties: - !!merge <<: *addressableProperties - reply: - description: Reply is a Reference to where the result of Subscriber of this case gets sent to. If not specified, sent the result to the Parallel Reply - type: object - properties: - !!merge <<: *addressableProperties - subscriber: - description: Subscriber receiving the event when the filter passes - type: object - properties: - !!merge <<: *addressableProperties - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of a case Subscriber gets sent to when the case does not have a Reply - type: object - properties: - !!merge <<: *addressableProperties - status: - description: Status represents the current state of the Parallel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - branchStatuses: - description: BranchStatuses is an array of corresponding to branch statuses. Matches the Spec.Branches array in the order. - type: array - items: - type: object - properties: - filterChannelStatus: - description: FilterChannelStatus corresponds to the filter channel status. - type: object - properties: &channelProperties - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: &referentProperties - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: &readyConditionProperties - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - filterSubscriptionStatus: - description: FilterSubscriptionStatus corresponds to the filter subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - subscriberSubscriptionStatus: - description: SubscriptionStatus corresponds to the subscriber subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - properties: - !!merge <<: *readyConditionProperties - ingressChannelStatus: - description: IngressChannelStatus corresponds to the ingress channel status. - type: object - properties: - !!merge <<: *channelProperties - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Parallel - plural: parallels - singular: parallel - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.5" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.sources.ping" } - ] - name: pingsources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - &version - name: v1beta2 - served: true - storage: false - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'PingSource describes an event source with a fixed payload produced on a specified cron schedule.' - properties: - spec: - type: object - description: 'PingSourceSpec defines the desired state of the PingSource (from the client).' - properties: - ceOverrides: - description: 'CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink.' - type: object - properties: - extensions: - description: 'Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently.' - type: object - additionalProperties: - type: string - x-kubernetes-preserve-unknown-fields: true - contentType: - description: 'ContentType is the media type of `data` or `dataBase64`. Default is empty.' - type: string - data: - description: 'Data is data used as the body of the event posted to the sink. Default is empty. Mutually exclusive with `dataBase64`.' - type: string - dataBase64: - description: "DataBase64 is the base64-encoded string of the actual event's body posted to the sink. Default is empty. Mutually exclusive with `data`." - type: string - schedule: - description: 'Schedule is the cron schedule. Defaults to `* * * * *`.' - type: string - sink: - description: 'Sink is a reference to an object that will resolve to a uri to use as the sink.' - type: object - properties: - ref: - description: 'Ref points to an Addressable.' - type: object - properties: - apiVersion: - description: 'API version of the referent.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: 'URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.' - type: string - timezone: - description: 'Timezone modifies the actual time relative to the specified timezone. Defaults to the system time zone. More general information about time zones: https://www.iana.org/time-zones List of valid timezone values: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones' - type: string - status: - type: object - description: 'PingSourceStatus defines the observed state of PingSource (from the controller).' - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: 'CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents.' - type: array - items: - type: object - properties: - source: - description: 'Source is the CloudEvents source attribute.' - type: string - type: - description: 'Type refers to the CloudEvent type attribute.' - type: string - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the "Generation" of the Service that was last processed by the controller.' - type: integer - format: int64 - sinkUri: - description: 'SinkURI is the current active sink URI that has been configured for the Source.' - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: .status.sinkUri - - name: Schedule - type: string - jsonPath: .spec.schedule - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - !!merge <<: *version - name: v1 - served: true - storage: true - # v1 schema is identical to the v1beta2 schema - names: - categories: - - all - - knative - - sources - kind: PingSource - plural: pingsources - singular: pingsource - scope: Namespaced - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sequences.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Sequence defines a sequence of Subscribers that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Sequence. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of the last Subscriber gets sent to. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - steps: - description: Steps is the list of Destinations (processors / functions) that will be called in the order provided. Each step has its own delivery options - type: array - items: - type: object - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Sequence. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channelStatuses: - description: ChannelStatuses is an array of corresponding Channel statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriptionStatuses: - description: SubscriptionStatuses is an array of corresponding Subscription statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Sequence - plural: sequences - singular: sequence - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.5" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - duck.knative.dev/binding: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - name: sinkbindings.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'SinkBinding describes a Binding that is also a Source. The `sink` (from the Source duck) is resolved to a URL and then projected into the `subject` by augmenting the runtime contract of the referenced containers to have a `K_SINK` environment variable holding the endpoint to which to send cloud events.' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subject: - description: Subject references the resource(s) whose "runtime contract" should be augmented by Binding implementations. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. Mutually exclusive with Selector. - type: string - namespace: - description: Namespace of the referent. - type: string - selector: - description: Selector of the referents. Mutually exclusive with Name. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - - bindings - kind: SinkBinding - plural: sinkbindings - singular: sinkbinding - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: subscriptions.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Subscription routes events received on a Channel to a DNS name and corresponds to the subscriptions.channels.knative.dev CRD.' - type: object - properties: - spec: - type: object - properties: - channel: - description: 'Reference to a channel that will be used to create the subscription. You can specify only the following fields of the KReference: kind, apiVersion and name. The resource pointed by this KReference must meet the contract to the ChannelableSpec duck type. If the resource does not meet this contract it will be reflected in the Subscription''s status. This field is immutable. We have no good answer on what happens to the events that are currently in the channel being consumed from and what the semantics there should be. For now, you can always delete the Subscription and recreate it to point to a different channel, giving the user more control over what semantics should be used (drain the channel first, possibly have events dropped, etc.)' - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - delivery: - description: Delivery configuration - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - reply: - description: Reply specifies (optionally) how to handle events returned from the Subscriber target. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subscriber: - description: Subscriber is reference to (optional) function for processing events. Events from the Channel will be delivered here and replies are sent to a Destination as specified by the Reply. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - physicalSubscription: - description: PhysicalSubscription is the fully resolved values that this Subscription represents. - type: object - properties: - deadLetterSinkUri: - description: ReplyURI is the fully resolved URI for the spec.delivery.deadLetterSink. - type: string - replyUri: - description: ReplyURI is the fully resolved URI for the spec.reply. - type: string - subscriberUri: - description: SubscriberURI is the fully resolved URI for spec.subscriber. - type: string - additionalPrinterColumns: - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Subscription - plural: subscriptions - singular: subscription - categories: - - all - - knative - - messaging - shortNames: - - sub - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: triggers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Broker - type: string - jsonPath: .spec.broker - - name: Subscriber_URI - type: string - jsonPath: .status.subscriberUri - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Trigger represents a request to have events delivered to a subscriber from a Broker''s event pool.' - type: object - properties: - spec: - description: Spec defines the desired state of the Trigger. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - broker: - description: Broker is the broker that this trigger receives events from. - type: string - delivery: - description: Delivery contains the delivery spec for this specific trigger. - type: object - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - filter: - description: 'Filter is the filter to apply against all events from the Broker. Only events that pass this filter will be sent to the Subscriber. If not specified, will default to allowing all events. ' - type: object - properties: - attributes: - description: 'Attributes filters events by exact match on event context attributes. Each key in the map is compared with the equivalent key in the event context. An event passes the filter if all values are equal to the specified values. Nested context attributes are not supported as keys. Only string values are supported. ' - type: object - x-kubernetes-preserve-unknown-fields: true - subscriber: - description: Subscriber is the addressable that receives events from the Broker that pass the Filter. It is required. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Trigger. This data may be out of date. - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink for this Trigger, in case there is none this will fallback to it's Broker status DeadLetterSinkURI. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriberUri: - description: SubscriberURI is the resolved URI of the receiver for this Trigger. - type: string - names: - kind: Trigger - plural: triggers - singular: trigger - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "Addressables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/addressable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: service-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.5" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: serving-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.5" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - serving.knative.dev - resources: - - routes - - routes/status - - services - - services/status - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: channel-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.5" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - channels - - channels/status - verbs: - - get - - list - - watch - - apiGroups: - - messaging.knative.dev - resources: - - channels/finalizers - verbs: - - update ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: broker-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.5" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - eventing.knative.dev - resources: - - brokers - - brokers/status - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: flows-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.5" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - flows.knative.dev - resources: - - sequences - - sequences/status - - parallels - - parallels/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-broker-filter - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - - apiGroups: - - "eventing.knative.dev" - resources: - - "triggers" - - "triggers/status" - verbs: - - "get" - - "list" - - "watch" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-config-reader - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need read and update permissions on "Channelables". -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/channelable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: meta-channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.5" - duck.knative.dev/channelable: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "channelable-manipulator" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - channels - - channels/status - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.5" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-messaging-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.5" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["messaging.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-flows-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.5" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["flows.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-sources-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.5" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["sources.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-bindings-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.5" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["bindings.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-edit - labels: - rbac.authorization.k8s.io/aggregate-to-edit: "true" - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev", "messaging.knative.dev", "sources.knative.dev", "flows.knative.dev", "bindings.knative.dev"] - resources: ["*"] - verbs: ["create", "update", "patch", "delete"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-view - labels: - rbac.authorization.k8s.io/aggregate-to-view: "true" - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev", "messaging.knative.dev", "sources.knative.dev", "flows.knative.dev", "bindings.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-controller - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "namespaces" - - "secrets" - - "configmaps" - - "services" - - "endpoints" - - "events" - - "serviceaccounts" - - "pods" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # Brokers and the namespace annotation controllers manipulate Deployments. - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: *everything - # PingSource controller manipulates Deployment owner reference - - apiGroups: - - "apps" - resources: - - "deployments/finalizers" - verbs: - - "update" - # The namespace annotation controller needs to manipulate RoleBindings. - - apiGroups: - - "rbac.authorization.k8s.io" - resources: - - "rolebindings" - verbs: *everything - # Our own resources and statuses we care about. - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers" - - "brokers/status" - - "triggers" - - "triggers/status" - - "eventtypes" - - "eventtypes/status" - verbs: *everything - # Eventing resources and finalizers we care about. - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers/finalizers" - - "triggers/finalizers" - verbs: - - "update" - # Our own resources and statuses we care about. - - apiGroups: - - "messaging.knative.dev" - resources: - - "sequences" - - "sequences/status" - - "channels" - - "channels/status" - - "parallels" - - "parallels/status" - - "subscriptions" - - "subscriptions/status" - verbs: *everything - # Flow resources and statuses we care about. - - apiGroups: - - "flows.knative.dev" - resources: - - "sequences" - - "sequences/status" - - "parallels" - - "parallels/status" - verbs: *everything - # Messaging resources and finalizers we care about. - - apiGroups: - - "messaging.knative.dev" - resources: - - "sequences/finalizers" - - "parallels/finalizers" - - "channels/finalizers" - verbs: - - "update" - # Flows resources and finalizers we care about. - - apiGroups: - - "flows.knative.dev" - resources: - - "sequences/finalizers" - - "parallels/finalizers" - verbs: - - "update" - # The subscription controller needs to retrieve and watch CustomResourceDefinitions. - - apiGroups: - - "apiextensions.k8s.io" - resources: - - "customresourcedefinitions" - verbs: - - "get" - - "list" - - "watch" - # For leader election - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: *everything - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-pingsource-mt-adapter - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - - apiGroups: - - sources.knative.dev - resources: - - pingsources - - pingsources/status - verbs: - - get - - list - - watch - - patch - - apiGroups: - - sources.knative.dev - resources: - - pingsources/finalizers - verbs: - - "patch" - - apiGroups: - - "" - resources: - - events - verbs: - - "create" - - "patch" - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "PodSpecables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/podspecable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: builtin-podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.5" - duck.knative.dev/podspecable: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "podspecable-binding role. -rules: - # To patch the subjects of our bindings - - apiGroups: - - "apps" - resources: - - "deployments" - - "daemonsets" - - "statefulsets" - - "replicasets" - verbs: - - "list" - - "watch" - - "patch" - - apiGroups: - - "batch" - resources: - - "jobs" - verbs: - - "list" - - "watch" - - "patch" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need to read "Sources". -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: source-observer - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/source: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: eventing-sources-source-observer - labels: - eventing.knative.dev/release: "v1.8.5" - duck.knative.dev/source: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "source-observer" role. -rules: - - apiGroups: - - sources.knative.dev - resources: - - apiserversources - - pingsources - - sinkbindings - - containersources - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-sources-controller - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "secrets" - - "configmaps" - - "services" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # Deployments admin - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: *everything - # Source resources and statuses we care about. - - apiGroups: - - "sources.knative.dev" - resources: - - "sinkbindings" - - "sinkbindings/status" - - "sinkbindings/finalizers" - - "apiserversources" - - "apiserversources/status" - - "apiserversources/finalizers" - - "pingsources" - - "pingsources/status" - - "pingsources/finalizers" - - "containersources" - - "containersources/status" - - "containersources/finalizers" - verbs: *everything - # Knative Services admin - - apiGroups: - - serving.knative.dev - resources: - - services - verbs: *everything - # EventTypes admin - - apiGroups: - - eventing.knative.dev - resources: - - eventtypes - verbs: *everything - # Events admin - - apiGroups: - - "" - resources: - - events - verbs: *everything - # Authorization checker - - apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - # For watching logging configuration and getting certs. - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - # finalizers are needed for the owner reference of the webhook - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - # For getting our Deployment so we can decorate with ownerref. - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: - - "get" - - apiGroups: - - "apps" - resources: - - "deployments/finalizers" - verbs: - - update - # For actually registering our webhook. - - apiGroups: - - "admissionregistration.k8s.io" - resources: - - "mutatingwebhookconfigurations" - - "validatingwebhookconfigurations" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # For running the SinkBinding reconciler. - - apiGroups: - - "sources.knative.dev" - resources: - - "sinkbindings" - - "sinkbindings/status" - - "sinkbindings/finalizers" - verbs: *everything - # For leader election - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: *everything - # Necessary for conversion webhook. These are copied from the serving - # TODO: Do we really need all these permissions? - - apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: knative-eventing - name: knative-eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "secrets" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: config.webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Ignore - name: config.webhook.eventing.knative.dev - namespaceSelector: - matchExpressions: - - key: eventing.knative.dev/release - operator: Exists - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: webhook.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: validation.webhook.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: eventing-webhook-certs - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -# The data is populated at install time. - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: sinkbindings.webhook.sources.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - failurePolicy: Fail - sideEffects: None - name: sinkbindings.webhook.sources.knative.dev - timeoutSeconds: 10 - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.5/3-in-memory-channel.yaml b/cmd/operator/kodata/knative-eventing/1.8.5/3-in-memory-channel.yaml deleted file mode 100644 index e0d7acbc59..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.5/3-in-memory-channel.yaml +++ /dev/null @@ -1,1215 +0,0 @@ -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: imc-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: imc-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - namespace: knative-eventing - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: Role - name: knative-inmemorychannel-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-controller-resolver - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-dispatcher - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-dispatcher - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: imc-dispatcher - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-imc-event-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -data: - MaxIdleConnections: "1000" - MaxIdleConnectionsPerHost: "100" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f46cf09d" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or stackdriver. - # Note: Using stackdriver will incur additional charges - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. If non-empty, it enables queue proxy to send request metrics. - # Currently supported values: prometheus, stackdriver. - metrics.request-metrics-backend-destination: prometheus - - # metrics.stackdriver-project-id field specifies the stackdriver project ID. This - # field is optional. When running on GCE, application default credentials will be - # used if this field is not provided. - metrics.stackdriver-project-id: "" - - # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to - # Stackdriver using "global" resource type and custom metric type if the - # metrics are not supported by "knative_broker", "knative_trigger", and "knative_source" resource types. - # Setting this flag to "true" could cause extra Stackdriver charge. - # If metrics.backend-destination is not Stackdriver, this is ignored. - metrics.allow-stackdriver-custom-metrics: "false" - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Eventing pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - - # sink-event-error-reporting.enable whether the adapter reports a kube event to the CRD indicating - # a failure to send a cloud event to the sink. - sink-event-error-reporting.enable: "false" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "0492ceb0" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none". the default is "none" - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: imc-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/high-availability: "true" - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: controller - template: - metadata: - labels: - !!merge <<: *labels - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: imc-controller - enableServiceLinks: false - containers: - - name: controller - image: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_controller@sha256:cb1934b9b47b47cf70c7e7784a31bc7b9e48a60355630dddb0695eaf1dc51df6 - env: - - name: WEBHOOK_NAME - value: inmemorychannel-webhook - - name: WEBHOOK_PORT - value: "8443" - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/inmemorychannel-controller - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: DISPATCHER_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_dispatcher@sha256:c78403d47f2c280a5688071e750e0202b07b251568b770e88fb2e449b32fc8e0 - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: &probe - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 120 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - eventing.knative.dev/release: "v1.8.5" - name: inmemorychannel-webhook - namespace: knative-eventing -spec: - ports: - - name: https-webhook - port: 443 - targetPort: 8443 - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - selector: - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: controller - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: Service -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - selector: - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - ports: - - name: http-dispatcher - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9090 - targetPort: 9090 - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/high-availability: "true" - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - template: - metadata: - labels: - !!merge <<: *labels - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: imc-dispatcher - enableServiceLinks: false - containers: - - name: dispatcher - image: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_dispatcher@sha256:c78403d47f2c280a5688071e750e0202b07b251568b770e88fb2e449b32fc8e0 - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - env: - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/inmemorychannel-dispatcher - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: CONTAINER_NAME - value: dispatcher - - name: MAX_IDLE_CONNS - value: "1000" - - name: MAX_IDLE_CONNS_PER_HOST - value: "1000" - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9090 - name: metrics - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: inmemorychannels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'InMemoryChannel is a resource representing an in memory channel' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter ref if one is specified in the Spec.Delivery. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: InMemoryChannel - plural: inmemorychannels - singular: inmemorychannel - categories: - - all - - knative - - messaging - - channel - shortNames: - - imc - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.5" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.5" - duck.knative.dev/channelable: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "channelable-manipulator" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - - update - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - verbs: - - update - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - - inmemorychannels/status - - inmemorychannels - verbs: - - patch - - apiGroups: - - "" - resources: - - services - - serviceaccounts - verbs: &everything - - get - - list - - watch - - create - - update - - patch - - apiGroups: - - "" - resources: - - endpoints - verbs: - - get - - list - - watch - - apiGroups: - - "rbac.authorization.k8s.io" - resources: - - rolebindings - verbs: *everything - - apiGroups: - - apps - resources: - - deployments - verbs: *everything - - apiGroups: - - apps - resources: - - deployments/status - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: *everything - # For actually registering our webhook. - - apiGroups: - - "admissionregistration.k8s.io" - resources: - - "mutatingwebhookconfigurations" - - "validatingwebhookconfigurations" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - # finalizers are needed for the owner reference of the webhook - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-dispatcher - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - - apiGroups: - - "" # Core API group. - resources: - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - # Updates the finalizer so we can remove our handlers when channel is deleted - # Patches the status.subscribers to reflect when the subscription dataplane has been - # configured. - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - - inmemorychannels/status - - inmemorychannels - verbs: - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: knative-eventing - name: knative-inmemorychannel-webhook - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "secrets" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: inmemorychannel.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1"] - clientConfig: - service: - name: inmemorychannel-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: inmemorychannel.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.inmemorychannel.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1"] - clientConfig: - service: - name: inmemorychannel-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: validation.inmemorychannel.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: inmemorychannel-webhook-certs - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -# The data is populated at install time. - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.5/4-mt-channel-broker.yaml b/cmd/operator/kodata/knative-eventing/1.8.5/4-mt-channel-broker.yaml deleted file mode 100644 index 96daacc17d..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.5/4-mt-channel-broker.yaml +++ /dev/null @@ -1,675 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-channel-broker-controller - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - # Configs resources and status we care about. - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-broker-filter - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - eventing.knative.dev - resources: - - triggers - - triggers/status - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - get - - list - - watch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mt-broker-filter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - eventing.knative.dev - resources: - - brokers - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - get - - list - - watch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mt-broker-ingress - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-mt-channel-broker-controller - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-channel-broker-controller - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-mt-broker-filter - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: mt-broker-filter - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-broker-filter - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-mt-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: mt-broker-ingress - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-broker-ingress - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-filter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - eventing.knative.dev/brokerRole: filter - template: - metadata: - labels: - eventing.knative.dev/brokerRole: filter - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - spec: - serviceAccountName: mt-broker-filter - enableServiceLinks: false - containers: - - name: filter - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/filter@sha256:da22c6ec6fe86d84c51de6e0a61d381cf643cea7d10707d490d13d151bf0ffac - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - resources: - requests: - cpu: 100m - memory: 100Mi - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9092 - name: metrics - protocol: TCP - terminationMessagePath: /dev/termination-log - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: CONTAINER_NAME - value: filter - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/internal/eventing - - name: FILTER_PORT - value: "8080" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/brokerRole: filter - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - name: broker-filter - namespace: knative-eventing -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9092 - protocol: TCP - targetPort: 9092 - selector: - eventing.knative.dev/brokerRole: filter - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-ingress - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - eventing.knative.dev/brokerRole: ingress - template: - metadata: - labels: - eventing.knative.dev/brokerRole: ingress - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - spec: - serviceAccountName: mt-broker-ingress - enableServiceLinks: false - containers: - - name: ingress - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/ingress@sha256:4d941cac8f3d519180a351b09c57fc8cf065717ec60640257d2ecbac4324b21a - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - resources: - requests: - cpu: 100m - memory: 100Mi - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9092 - name: metrics - protocol: TCP - terminationMessagePath: /dev/termination-log - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: CONTAINER_NAME - value: ingress - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/internal/eventing - - name: INGRESS_PORT - value: "8080" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/brokerRole: ingress - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - name: broker-ingress - namespace: knative-eventing -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9092 - protocol: TCP - targetPort: 9092 - selector: - eventing.knative.dev/brokerRole: ingress - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/component: mt-broker-controller - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - app: mt-broker-controller - template: - metadata: - labels: - app: mt-broker-controller - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/component: broker-controller - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: mt-broker-controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-controller - enableServiceLinks: false - containers: - - name: mt-broker-controller - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtchannel_broker@sha256:6ba786ba15be0c5bab44bd89a9667405dd98b97bccf95089f462d6bba5650450 - resources: - requests: - cpu: 100m - memory: 100Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/eventing - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: broker-ingress-hpa - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: mt-broker-ingress - minReplicas: 1 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 ---- -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: broker-filter-hpa - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: mt-broker-filter - minReplicas: 1 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.5/5-eventing-post-install.yaml b/cmd/operator/kodata/knative-eventing/1.8.5/5-eventing-post-install.yaml deleted file mode 100644 index e9972b4dc0..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.5/5-eventing-post-install.yaml +++ /dev/null @@ -1,231 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-post-install-job-role - labels: - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing - eventing.knative.dev/release: "v1.8.5" -rules: - # Storage version upgrader needs to be able to patch CRDs. - - apiGroups: - - "apiextensions.k8s.io" - resources: - - "customresourcedefinitions" - - "customresourcedefinitions/status" - verbs: - - "get" - - "list" - - "update" - - "patch" - - "watch" - # Our own resources we care about. - - apiGroups: - - "sources.knative.dev" - resources: - - "apiserversources" - - "apiserversources/finalizers" - - "apiserversources/status" - - "containersources" - - "containersources/finalizers" - - "containersources/status" - - "pingsources" - - "pingsources/finalizers" - - "pingsources/status" - - "sinkbindings" - - "sinkbindings/finalizers" - - "sinkbindings/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers" - - "brokers/finalizers" - - "brokers/status" - - "eventtypes" - - "eventtypes/finalizers" - - "eventtypes/status" - - "triggers" - - "triggers/finalizers" - - "triggers/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "messaging.knative.dev" - resources: - - "channels" - - "channels/finalizers" - - "channels/status" - - "inmemorychannels" - - "inmemorychannels/finalizers" - - "inmemorychannels/status" - - "subscriptions" - - "subscriptions/finalizers" - - "subscriptions/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "flows.knative.dev" - resources: - - "parallels" - - "parallels/finalizers" - - "parallels/status" - - "sequences" - - "sequences/finalizers" - - "sequences/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "list" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: knative-eventing-post-install-job - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-post-install-job-role-binding - labels: - eventing.knative.dev/release: "v1.8.5" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: knative-eventing-post-install-job - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-post-install-job-role - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: batch/v1 -kind: Job -metadata: - generateName: storage-version-migration-eventing- - namespace: knative-eventing - labels: - app: "storage-version-migration-eventing" - app.kubernetes.io/name: knative-eventing - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.5" - eventing.knative.dev/release: "v1.8.5" -spec: - ttlSecondsAfterFinished: 600 - backoffLimit: 10 - template: - metadata: - labels: - app: "storage-version-migration-eventing" - app.kubernetes.io/name: knative-eventing - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.5" - eventing.knative.dev/release: "v1.8.5" - annotations: - sidecar.istio.io/inject: "false" - spec: - serviceAccountName: knative-eventing-post-install-job - restartPolicy: OnFailure - containers: - - name: migrate - image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:a697a9b2dd74530e51637115de2884bb3bc6d0447ce05a2701b8c6d9f1a8f8f1 - args: - - "apiserversources.sources.knative.dev" - - "brokers.eventing.knative.dev" - - "channels.messaging.knative.dev" - - "containersources.sources.knative.dev" - - "eventtypes.eventing.knative.dev" - - "inmemorychannels.messaging.knative.dev" - - "parallels.flows.knative.dev" - - "pingsources.sources.knative.dev" - - "sequences.flows.knative.dev" - - "sinkbindings.sources.knative.dev" - - "subscriptions.messaging.knative.dev" - - "triggers.eventing.knative.dev" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.6/1-eventing-crds.yaml b/cmd/operator/kodata/knative-eventing/1.8.6/1-eventing-crds.yaml deleted file mode 100644 index 90a006c972..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.6/1-eventing-crds.yaml +++ /dev/null @@ -1,2296 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - eventing.knative.dev/release: "v1.8.6" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.apiserver.resource.add" }, - { "type": "dev.knative.apiserver.resource.delete" }, - { "type": "dev.knative.apiserver.resource.update" }, - { "type": "dev.knative.apiserver.ref.add" }, - { "type": "dev.knative.apiserver.ref.delete" }, - { "type": "dev.knative.apiserver.ref.update" } - ] - name: apiserversources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ApiServerSource is an event source that brings Kubernetes API server events into Knative.' - type: object - properties: - spec: - type: object - required: - - resources - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - mode: - description: EventMode controls the format of the event. `Reference` sends a dataref event type for the resource under watch. `Resource` send the full resource lifecycle event. Defaults to `Reference` - type: string - owner: - description: ResourceOwner is an additional filter to only track resources that are owned by a specific resource type. If ResourceOwner matches Resources[n] then Resources[n] is allowed to pass the ResourceOwner filter. - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - resources: - description: Resource are the resources this source will track and send related lifecycle events from the Kubernetes ApiServer, with an optional label selector to help filter. - type: array - items: - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - selector: - description: 'LabelSelector filters this source to objects to those resources pass the label selector. More info: http://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount to use to run this source. Defaults to default if not set. - type: string - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - categories: - - all - - knative - - sources - kind: ApiServerSource - plural: apiserversources - singular: apiserversource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: brokers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Broker collects a pool of events that are consumable using Triggers. Brokers provide a well-known endpoint for event delivery that senders can use with minimal knowledge of the event routing strategy. Subscribers use Triggers to request delivery of events from a Broker''s pool to a specific URL or Addressable endpoint.' - type: object - properties: - spec: - description: Spec defines the desired state of the Broker. - type: object - properties: - config: - description: Config is a KReference to the configuration that specifies configuration options for this Broker. For example, this could be a pointer to a ConfigMap. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - delivery: - description: Delivery contains the delivery spec for each trigger to this Broker. Each trigger delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - status: - description: Status represents the current state of the Broker. This data may be out of date. - type: object - properties: - address: - description: Broker is Addressable. It exposes the endpoint as an URI to get events delivered into the Broker mesh. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Broker - plural: brokers - singular: broker - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: channels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Channel represents a generic Channel. It is normally used when we want a Channel, but do not need a specific Channel implementation.' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use to create the CRD Channel backing this Channel. This is immutable after creation. Normally this is set by the Channel defaulter, not directly by the user. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channel: - description: Channel is an KReference to the Channel CRD backing this Channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - names: - kind: Channel - plural: channels - singular: channel - categories: - - all - - knative - - messaging - - channel - shortNames: - - ch - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.6" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - name: containersources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ContainerSource is an event source that starts a container image which generates events under certain situations and sends messages to a sink URI' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - # WARNING: the schema tool can not parse PodTemplateSpec, stub here and redirect to Deployment documentation. - template: - type: object - x-kubernetes-preserve-unknown-fields: true - description: 'A template in the shape of `Deployment.spec.template` to be used for this ContainerSource. More info: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/' - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - kind: ContainerSource - plural: containersources - singular: containersource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventtypes.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'EventType represents a type of event that can be consumed from a Broker.' - properties: - spec: - description: 'Spec defines the desired state of the EventType.' - type: object - properties: - broker: - type: string - description: - description: 'Description is an optional field used to describe the EventType, in any meaningful way.' - type: string - schema: - description: 'Schema is a URI, it represents the CloudEvents schemaurl extension attribute. It may be a JSON schema, a protobuf schema, etc. It is optional.' - type: string - schemaData: - description: 'SchemaData allows the CloudEvents schema to be stored directly in the EventType. Content is dependent on the encoding. Optional attribute. The contents are not validated or manipulated by the system.' - type: string - source: - description: 'Source is a URI, it represents the CloudEvents source.' - type: string - type: - description: 'Type represents the CloudEvents type. It is authoritative.' - type: string - status: - description: 'Status represents the current state of the EventType. This data may be out of date.' - type: object - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the ''Generation'' of the Service that was last processed by the controller.' - type: integer - format: int64 - additionalPrinterColumns: - - name: Type - type: string - jsonPath: ".spec.type" - - name: Source - type: string - jsonPath: ".spec.source" - - name: Schema - type: string - jsonPath: ".spec.schema" - - name: Broker - type: string - jsonPath: ".spec.broker" - - name: Description - type: string - jsonPath: ".spec.description" - # TODO remove Status https://github.com/knative/eventing/issues/2750 - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: EventType - plural: eventtypes - singular: eventtype - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: parallels.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Parallel defines conditional branches that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Parallel. - type: object - properties: - branches: - description: Branches is the list of Filter/Subscribers pairs. - type: array - items: - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: &addressableProperties - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - filter: - description: Filter is the expression guarding the branch - type: object - properties: - !!merge <<: *addressableProperties - reply: - description: Reply is a Reference to where the result of Subscriber of this case gets sent to. If not specified, sent the result to the Parallel Reply - type: object - properties: - !!merge <<: *addressableProperties - subscriber: - description: Subscriber receiving the event when the filter passes - type: object - properties: - !!merge <<: *addressableProperties - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of a case Subscriber gets sent to when the case does not have a Reply - type: object - properties: - !!merge <<: *addressableProperties - status: - description: Status represents the current state of the Parallel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - branchStatuses: - description: BranchStatuses is an array of corresponding to branch statuses. Matches the Spec.Branches array in the order. - type: array - items: - type: object - properties: - filterChannelStatus: - description: FilterChannelStatus corresponds to the filter channel status. - type: object - properties: &channelProperties - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: &referentProperties - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: &readyConditionProperties - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - filterSubscriptionStatus: - description: FilterSubscriptionStatus corresponds to the filter subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - subscriberSubscriptionStatus: - description: SubscriptionStatus corresponds to the subscriber subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - properties: - !!merge <<: *readyConditionProperties - ingressChannelStatus: - description: IngressChannelStatus corresponds to the ingress channel status. - type: object - properties: - !!merge <<: *channelProperties - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Parallel - plural: parallels - singular: parallel - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.6" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.sources.ping" } - ] - name: pingsources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - &version - name: v1beta2 - served: true - storage: false - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'PingSource describes an event source with a fixed payload produced on a specified cron schedule.' - properties: - spec: - type: object - description: 'PingSourceSpec defines the desired state of the PingSource (from the client).' - properties: - ceOverrides: - description: 'CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink.' - type: object - properties: - extensions: - description: 'Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently.' - type: object - additionalProperties: - type: string - x-kubernetes-preserve-unknown-fields: true - contentType: - description: 'ContentType is the media type of `data` or `dataBase64`. Default is empty.' - type: string - data: - description: 'Data is data used as the body of the event posted to the sink. Default is empty. Mutually exclusive with `dataBase64`.' - type: string - dataBase64: - description: "DataBase64 is the base64-encoded string of the actual event's body posted to the sink. Default is empty. Mutually exclusive with `data`." - type: string - schedule: - description: 'Schedule is the cron schedule. Defaults to `* * * * *`.' - type: string - sink: - description: 'Sink is a reference to an object that will resolve to a uri to use as the sink.' - type: object - properties: - ref: - description: 'Ref points to an Addressable.' - type: object - properties: - apiVersion: - description: 'API version of the referent.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: 'URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.' - type: string - timezone: - description: 'Timezone modifies the actual time relative to the specified timezone. Defaults to the system time zone. More general information about time zones: https://www.iana.org/time-zones List of valid timezone values: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones' - type: string - status: - type: object - description: 'PingSourceStatus defines the observed state of PingSource (from the controller).' - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: 'CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents.' - type: array - items: - type: object - properties: - source: - description: 'Source is the CloudEvents source attribute.' - type: string - type: - description: 'Type refers to the CloudEvent type attribute.' - type: string - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the "Generation" of the Service that was last processed by the controller.' - type: integer - format: int64 - sinkUri: - description: 'SinkURI is the current active sink URI that has been configured for the Source.' - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: .status.sinkUri - - name: Schedule - type: string - jsonPath: .spec.schedule - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - !!merge <<: *version - name: v1 - served: true - storage: true - # v1 schema is identical to the v1beta2 schema - names: - categories: - - all - - knative - - sources - kind: PingSource - plural: pingsources - singular: pingsource - scope: Namespaced - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sequences.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Sequence defines a sequence of Subscribers that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Sequence. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of the last Subscriber gets sent to. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - steps: - description: Steps is the list of Destinations (processors / functions) that will be called in the order provided. Each step has its own delivery options - type: array - items: - type: object - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Sequence. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channelStatuses: - description: ChannelStatuses is an array of corresponding Channel statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriptionStatuses: - description: SubscriptionStatuses is an array of corresponding Subscription statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Sequence - plural: sequences - singular: sequence - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.6" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - duck.knative.dev/binding: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - name: sinkbindings.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'SinkBinding describes a Binding that is also a Source. The `sink` (from the Source duck) is resolved to a URL and then projected into the `subject` by augmenting the runtime contract of the referenced containers to have a `K_SINK` environment variable holding the endpoint to which to send cloud events.' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subject: - description: Subject references the resource(s) whose "runtime contract" should be augmented by Binding implementations. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. Mutually exclusive with Selector. - type: string - namespace: - description: Namespace of the referent. - type: string - selector: - description: Selector of the referents. Mutually exclusive with Name. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - - bindings - kind: SinkBinding - plural: sinkbindings - singular: sinkbinding - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: subscriptions.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Subscription routes events received on a Channel to a DNS name and corresponds to the subscriptions.channels.knative.dev CRD.' - type: object - properties: - spec: - type: object - properties: - channel: - description: 'Reference to a channel that will be used to create the subscription. You can specify only the following fields of the KReference: kind, apiVersion and name. The resource pointed by this KReference must meet the contract to the ChannelableSpec duck type. If the resource does not meet this contract it will be reflected in the Subscription''s status. This field is immutable. We have no good answer on what happens to the events that are currently in the channel being consumed from and what the semantics there should be. For now, you can always delete the Subscription and recreate it to point to a different channel, giving the user more control over what semantics should be used (drain the channel first, possibly have events dropped, etc.)' - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - delivery: - description: Delivery configuration - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - reply: - description: Reply specifies (optionally) how to handle events returned from the Subscriber target. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subscriber: - description: Subscriber is reference to (optional) function for processing events. Events from the Channel will be delivered here and replies are sent to a Destination as specified by the Reply. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - physicalSubscription: - description: PhysicalSubscription is the fully resolved values that this Subscription represents. - type: object - properties: - deadLetterSinkUri: - description: ReplyURI is the fully resolved URI for the spec.delivery.deadLetterSink. - type: string - replyUri: - description: ReplyURI is the fully resolved URI for the spec.reply. - type: string - subscriberUri: - description: SubscriberURI is the fully resolved URI for spec.subscriber. - type: string - additionalPrinterColumns: - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Subscription - plural: subscriptions - singular: subscription - categories: - - all - - knative - - messaging - shortNames: - - sub - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: triggers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Broker - type: string - jsonPath: .spec.broker - - name: Subscriber_URI - type: string - jsonPath: .status.subscriberUri - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Trigger represents a request to have events delivered to a subscriber from a Broker''s event pool.' - type: object - properties: - spec: - description: Spec defines the desired state of the Trigger. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - broker: - description: Broker is the broker that this trigger receives events from. - type: string - delivery: - description: Delivery contains the delivery spec for this specific trigger. - type: object - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - filter: - description: 'Filter is the filter to apply against all events from the Broker. Only events that pass this filter will be sent to the Subscriber. If not specified, will default to allowing all events. ' - type: object - properties: - attributes: - description: 'Attributes filters events by exact match on event context attributes. Each key in the map is compared with the equivalent key in the event context. An event passes the filter if all values are equal to the specified values. Nested context attributes are not supported as keys. Only string values are supported. ' - type: object - x-kubernetes-preserve-unknown-fields: true - subscriber: - description: Subscriber is the addressable that receives events from the Broker that pass the Filter. It is required. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Trigger. This data may be out of date. - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink for this Trigger, in case there is none this will fallback to it's Broker status DeadLetterSinkURI. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriberUri: - description: SubscriberURI is the resolved URI of the receiver for this Trigger. - type: string - names: - kind: Trigger - plural: triggers - singular: trigger - categories: - - all - - knative - - eventing - scope: Namespaced - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.6/2-eventing-core.yaml b/cmd/operator/kodata/knative-eventing/1.8.6/2-eventing-core.yaml deleted file mode 100644 index faa579169b..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.6/2-eventing-core.yaml +++ /dev/null @@ -1,4640 +0,0 @@ -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: Namespace -metadata: - name: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: eventing-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-resolver - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-source-observer - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: source-observer - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-sources-controller - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-sources-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-manipulator - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: channelable-manipulator - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: pingsource-mt-adapter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-pingsource-mt-adapter - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: pingsource-mt-adapter - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-pingsource-mt-adapter - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - namespace: knative-eventing - name: eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: Role - name: knative-eventing-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook-resolver - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook-podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: podspecable-binding - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-br-default-channel - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -data: - channel-template-spec: | - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-br-defaults - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -data: - # Configures the default for any Broker that does not specify a spec.config or Broker class. - default-br-config: | - clusterDefault: - brokerClass: MTChannelBasedBroker - apiVersion: v1 - kind: ConfigMap - name: config-br-default-channel - namespace: knative-eventing - delivery: - retry: 10 - backoffPolicy: exponential - backoffDelay: PT0.2S - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: default-ch-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -data: - # Configuration for defaulting channels that do not specify CRD implementations. - default-ch-config: | - clusterDefault: - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - namespaceDefaults: - some-namespace: - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-ping-defaults - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - annotations: - knative.dev/example-checksum: "9185c153" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Max number of bytes allowed to be sent for message excluding any - # base64 decoding. Default is no limit set for data - data-max-size: -1 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-features - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -data: - # ALPHA feature: The kreference-group allows you to use the Group field in KReferences. - # For more details: https://github.com/knative/eventing/issues/5086 - kreference-group: "disabled" - # ALPHA feature: The delivery-retryafter allows you to use the RetryAfter field in DeliverySpec. - # For more details: https://github.com/knative/eventing/issues/5811 - delivery-retryafter: "disabled" - # BETA feature: The delivery-timeout allows you to use the Timeout field in DeliverySpec. - # For more details: https://github.com/knative/eventing/issues/5148 - delivery-timeout: "enabled" - # ALPHA feature: The kreference-mapping allows you to map kreference onto templated URI - # For more details: https://github.com/knative/eventing/issues/5593 - kreference-mapping: "disabled" - # BETA feature: The subscriber-strict flag force subscriptions to define a subscriber - # For more details: https://github.com/knative/eventing/issues/5756 - strict-subscriber: "enabled" - # ALPHA feature: The new-trigger-filters flag allows you to use the new `filters` field - # in Trigger objects with its rich filtering capabilities. - # For more details: https://github.com/knative/eventing/issues/5204 - new-trigger-filters: "disabled" - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-kreference-mapping - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - annotations: - knative.dev/example-checksum: "7375dbe1" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - - # this is an example of mapping from pod to addressable-pod service - # the data key must be of the form "kind.version.group" - # the data value must be a valid URL. Valid template data are: - # - Name: reference name - # - Namespace: reference namespace - # - SystemNamespace: knative namespace - # - UID: reference UID - # - # Pod.v1: https://addressable-pod.{{ .SystemNamespace }}.svc.cluster.local/{{ .Name }} - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-leader-election - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f7948630" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # lease-duration is how long non-leaders will wait to try to acquire the - # lock; 15 seconds is the value used by core kubernetes controllers. - lease-duration: "15s" - - # renew-deadline is how long a leader will try to renew the lease before - # giving up; 10 seconds is the value used by core kubernetes controllers. - renew-deadline: "10s" - - # retry-period is how long the leader election client waits between tries of - # actions; 2 seconds is the value used by core kubernetes controllers. - retry-period: "2s" - - # buckets is the number of buckets used to partition key space of each - # Reconciler. If this number is M and the replica number of the controller - # is N, the N replicas will compete for the M buckets. The owner of a - # bucket will take care of the reconciling for the keys partitioned into - # that bucket. - buckets: "1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-logging - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -data: - # Common configuration for all Knative codebase - zap-logger-config: | - { - "level": "info", - "development": false, - "outputPaths": ["stdout"], - "errorOutputPaths": ["stderr"], - "encoding": "json", - "encoderConfig": { - "timeKey": "ts", - "levelKey": "level", - "nameKey": "logger", - "callerKey": "caller", - "messageKey": "msg", - "stacktraceKey": "stacktrace", - "lineEnding": "", - "levelEncoder": "", - "timeEncoder": "iso8601", - "durationEncoder": "", - "callerEncoder": "" - } - } - # Log level overrides - # For all components changes are be picked up immediately. - loglevel.controller: "info" - loglevel.webhook: "info" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f46cf09d" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or stackdriver. - # Note: Using stackdriver will incur additional charges - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. If non-empty, it enables queue proxy to send request metrics. - # Currently supported values: prometheus, stackdriver. - metrics.request-metrics-backend-destination: prometheus - - # metrics.stackdriver-project-id field specifies the stackdriver project ID. This - # field is optional. When running on GCE, application default credentials will be - # used if this field is not provided. - metrics.stackdriver-project-id: "" - - # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to - # Stackdriver using "global" resource type and custom metric type if the - # metrics are not supported by "knative_broker", "knative_trigger", and "knative_source" resource types. - # Setting this flag to "true" could cause extra Stackdriver charge. - # If metrics.backend-destination is not Stackdriver, this is ignored. - metrics.allow-stackdriver-custom-metrics: "false" - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Eventing pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - - # sink-event-error-reporting.enable whether the adapter reports a kube event to the CRD indicating - # a failure to send a cloud event to the sink. - sink-event-error-reporting.enable: "false" - ---- -# Copyright 2022 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-sugar - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "62dfac6f" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # namespace-selector specifies a LabelSelector which - # determines which namespaces the Sugar Controller should operate upon - # Use an empty value to disable the feature (this is the default): - namespace-selector: "" - - # Use an empty object as a string to enable for all namespaces - namespace-selector: "{}" - - # trigger-selector specifies a LabelSelector which - # determines which triggers the Sugar Controller should operate upon - # Use an empty value to disable the feature (this is the default): - trigger-selector: "" - - # Use an empty object as string to enable for all triggers - trigger-selector: "{}" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "0492ceb0" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none". the default is "none" - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: eventing-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/high-availability: "true" - app.kubernetes.io/component: eventing-controller - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - app: eventing-controller - template: - metadata: - labels: - app: eventing-controller - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/component: eventing-controller - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: eventing-controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-controller - enableServiceLinks: false - containers: - - name: eventing-controller - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/controller@sha256:cce97ef0dba34fd42c7f73aecb107ca214bd67e5d9088a9afc7d298e2f334b65 - resources: - requests: - cpu: 100m - memory: 100Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/eventing - # APIServerSource - - name: APISERVER_RA_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing/cmd/apiserver_receive_adapter@sha256:647ccefa3e24319d37d9c79822ac48264f098160733635a1e97a96d54c44e98f - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - ## Adapter settings - # - name: K_LOGGING_CONFIG - # value: '' - # - name: K_LEADER_ELECTION_CONFIG - # value: '' - # - name: K_NO_SHUTDOWN_AFTER - # value: '' - ## Time in seconds the adapter will wait for the sink to respond. Default is no timeout - # - name: K_SINK_TIMEOUT - # value: '' - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - livenessProbe: - httpGet: - path: /health - port: probes - scheme: HTTP - initialDelaySeconds: 20 - periodSeconds: 10 - timeoutSeconds: 5 - readinessProbe: - httpGet: - path: /readiness - port: probes - scheme: HTTP - initialDelaySeconds: 20 - periodSeconds: 10 - timeoutSeconds: 5 - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: probes - containerPort: 8080 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: pingsource-mt-adapter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/component: pingsource-mt-adapter - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - # when set to 0 (and only 0) will be set to 1 when the first PingSource is created. - replicas: 0 - selector: - matchLabels: &labels - eventing.knative.dev/source: ping-source-controller - sources.knative.dev/role: adapter - template: - metadata: - labels: - !!merge <<: *labels - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/component: pingsource-mt-adapter - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - enableServiceLinks: false - containers: - - name: dispatcher - image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtping@sha256:84db6de8e52de3eb9739eca29098d93d74a401292708d860eae6a4a625f811f0 - env: - - name: SYSTEM_NAMESPACE - value: '' - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: NAMESPACE - value: '' - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - # DO NOT MODIFY: The values below are being filled by the ping source controller - # See 500-controller.yaml - - name: K_METRICS_CONFIG - value: '' - - name: K_LOGGING_CONFIG - value: '' - - name: K_LEADER_ELECTION_CONFIG - value: '' - - name: K_NO_SHUTDOWN_AFTER - value: '' - - name: K_SINK_TIMEOUT - value: '-1' - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - ports: - - containerPort: 9090 - name: metrics - protocol: TCP - resources: - requests: - cpu: 125m - memory: 64Mi - limits: - cpu: 1000m - memory: 2048Mi - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - serviceAccountName: pingsource-mt-adapter - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: eventing-webhook - minReplicas: 1 - maxReplicas: 5 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 100 ---- -# Webhook PDB. -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - minAvailable: 80% - selector: - matchLabels: - app: eventing-webhook - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - app: eventing-webhook - role: eventing-webhook - template: - metadata: - labels: - !!merge <<: *labels - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: eventing-webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-webhook - enableServiceLinks: false - containers: - - name: eventing-webhook - terminationMessagePolicy: FallbackToLogsOnError - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/eventing/cmd/webhook@sha256:a346e2e5706fb20a00b8789f841cac04566141a148cf211a5b2af2d5f372f603 - resources: - requests: - # taken from serving. - cpu: 100m - memory: 50Mi - limits: - # taken from serving. - cpu: 200m - memory: 200Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: METRICS_DOMAIN - value: knative.dev/eventing - - name: WEBHOOK_NAME - value: eventing-webhook - - name: WEBHOOK_PORT - value: "8443" - # SINK_BINDING_SELECTION_MODE specifies the NamespaceSelector and ObjectSelector - # for the sinkbinding webhook. - # If `inclusion` is selected, namespaces/objects labelled as `bindings.knative.dev/include:true` - # will be considered by the sinkbinding webhook; - # If `exclusion` is selected, namespaces/objects labelled as `bindings.knative.dev/exclude:true` - # will NOT be considered by the sinkbinding webhook. - # The default is `exclusion`. - - name: SINK_BINDING_SELECTION_MODE - value: "exclusion" - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: https-webhook - containerPort: 8443 - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - readinessProbe: &probe - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 120 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/release: "v1.8.6" - role: eventing-webhook - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - name: eventing-webhook - namespace: knative-eventing -spec: - ports: - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: eventing-webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - eventing.knative.dev/release: "v1.8.6" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.apiserver.resource.add" }, - { "type": "dev.knative.apiserver.resource.delete" }, - { "type": "dev.knative.apiserver.resource.update" }, - { "type": "dev.knative.apiserver.ref.add" }, - { "type": "dev.knative.apiserver.ref.delete" }, - { "type": "dev.knative.apiserver.ref.update" } - ] - name: apiserversources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ApiServerSource is an event source that brings Kubernetes API server events into Knative.' - type: object - properties: - spec: - type: object - required: - - resources - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - mode: - description: EventMode controls the format of the event. `Reference` sends a dataref event type for the resource under watch. `Resource` send the full resource lifecycle event. Defaults to `Reference` - type: string - owner: - description: ResourceOwner is an additional filter to only track resources that are owned by a specific resource type. If ResourceOwner matches Resources[n] then Resources[n] is allowed to pass the ResourceOwner filter. - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - resources: - description: Resource are the resources this source will track and send related lifecycle events from the Kubernetes ApiServer, with an optional label selector to help filter. - type: array - items: - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - selector: - description: 'LabelSelector filters this source to objects to those resources pass the label selector. More info: http://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount to use to run this source. Defaults to default if not set. - type: string - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - categories: - - all - - knative - - sources - kind: ApiServerSource - plural: apiserversources - singular: apiserversource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: brokers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Broker collects a pool of events that are consumable using Triggers. Brokers provide a well-known endpoint for event delivery that senders can use with minimal knowledge of the event routing strategy. Subscribers use Triggers to request delivery of events from a Broker''s pool to a specific URL or Addressable endpoint.' - type: object - properties: - spec: - description: Spec defines the desired state of the Broker. - type: object - properties: - config: - description: Config is a KReference to the configuration that specifies configuration options for this Broker. For example, this could be a pointer to a ConfigMap. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - delivery: - description: Delivery contains the delivery spec for each trigger to this Broker. Each trigger delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - status: - description: Status represents the current state of the Broker. This data may be out of date. - type: object - properties: - address: - description: Broker is Addressable. It exposes the endpoint as an URI to get events delivered into the Broker mesh. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Broker - plural: brokers - singular: broker - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: channels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Channel represents a generic Channel. It is normally used when we want a Channel, but do not need a specific Channel implementation.' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use to create the CRD Channel backing this Channel. This is immutable after creation. Normally this is set by the Channel defaulter, not directly by the user. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channel: - description: Channel is an KReference to the Channel CRD backing this Channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - names: - kind: Channel - plural: channels - singular: channel - categories: - - all - - knative - - messaging - - channel - shortNames: - - ch - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.6" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - name: containersources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ContainerSource is an event source that starts a container image which generates events under certain situations and sends messages to a sink URI' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - # WARNING: the schema tool can not parse PodTemplateSpec, stub here and redirect to Deployment documentation. - template: - type: object - x-kubernetes-preserve-unknown-fields: true - description: 'A template in the shape of `Deployment.spec.template` to be used for this ContainerSource. More info: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/' - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - kind: ContainerSource - plural: containersources - singular: containersource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventtypes.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'EventType represents a type of event that can be consumed from a Broker.' - properties: - spec: - description: 'Spec defines the desired state of the EventType.' - type: object - properties: - broker: - type: string - description: - description: 'Description is an optional field used to describe the EventType, in any meaningful way.' - type: string - schema: - description: 'Schema is a URI, it represents the CloudEvents schemaurl extension attribute. It may be a JSON schema, a protobuf schema, etc. It is optional.' - type: string - schemaData: - description: 'SchemaData allows the CloudEvents schema to be stored directly in the EventType. Content is dependent on the encoding. Optional attribute. The contents are not validated or manipulated by the system.' - type: string - source: - description: 'Source is a URI, it represents the CloudEvents source.' - type: string - type: - description: 'Type represents the CloudEvents type. It is authoritative.' - type: string - status: - description: 'Status represents the current state of the EventType. This data may be out of date.' - type: object - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the ''Generation'' of the Service that was last processed by the controller.' - type: integer - format: int64 - additionalPrinterColumns: - - name: Type - type: string - jsonPath: ".spec.type" - - name: Source - type: string - jsonPath: ".spec.source" - - name: Schema - type: string - jsonPath: ".spec.schema" - - name: Broker - type: string - jsonPath: ".spec.broker" - - name: Description - type: string - jsonPath: ".spec.description" - # TODO remove Status https://github.com/knative/eventing/issues/2750 - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: EventType - plural: eventtypes - singular: eventtype - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: parallels.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Parallel defines conditional branches that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Parallel. - type: object - properties: - branches: - description: Branches is the list of Filter/Subscribers pairs. - type: array - items: - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: &addressableProperties - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - filter: - description: Filter is the expression guarding the branch - type: object - properties: - !!merge <<: *addressableProperties - reply: - description: Reply is a Reference to where the result of Subscriber of this case gets sent to. If not specified, sent the result to the Parallel Reply - type: object - properties: - !!merge <<: *addressableProperties - subscriber: - description: Subscriber receiving the event when the filter passes - type: object - properties: - !!merge <<: *addressableProperties - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of a case Subscriber gets sent to when the case does not have a Reply - type: object - properties: - !!merge <<: *addressableProperties - status: - description: Status represents the current state of the Parallel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - branchStatuses: - description: BranchStatuses is an array of corresponding to branch statuses. Matches the Spec.Branches array in the order. - type: array - items: - type: object - properties: - filterChannelStatus: - description: FilterChannelStatus corresponds to the filter channel status. - type: object - properties: &channelProperties - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: &referentProperties - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: &readyConditionProperties - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - filterSubscriptionStatus: - description: FilterSubscriptionStatus corresponds to the filter subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - subscriberSubscriptionStatus: - description: SubscriptionStatus corresponds to the subscriber subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - properties: - !!merge <<: *readyConditionProperties - ingressChannelStatus: - description: IngressChannelStatus corresponds to the ingress channel status. - type: object - properties: - !!merge <<: *channelProperties - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Parallel - plural: parallels - singular: parallel - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.6" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.sources.ping" } - ] - name: pingsources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - &version - name: v1beta2 - served: true - storage: false - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'PingSource describes an event source with a fixed payload produced on a specified cron schedule.' - properties: - spec: - type: object - description: 'PingSourceSpec defines the desired state of the PingSource (from the client).' - properties: - ceOverrides: - description: 'CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink.' - type: object - properties: - extensions: - description: 'Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently.' - type: object - additionalProperties: - type: string - x-kubernetes-preserve-unknown-fields: true - contentType: - description: 'ContentType is the media type of `data` or `dataBase64`. Default is empty.' - type: string - data: - description: 'Data is data used as the body of the event posted to the sink. Default is empty. Mutually exclusive with `dataBase64`.' - type: string - dataBase64: - description: "DataBase64 is the base64-encoded string of the actual event's body posted to the sink. Default is empty. Mutually exclusive with `data`." - type: string - schedule: - description: 'Schedule is the cron schedule. Defaults to `* * * * *`.' - type: string - sink: - description: 'Sink is a reference to an object that will resolve to a uri to use as the sink.' - type: object - properties: - ref: - description: 'Ref points to an Addressable.' - type: object - properties: - apiVersion: - description: 'API version of the referent.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: 'URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.' - type: string - timezone: - description: 'Timezone modifies the actual time relative to the specified timezone. Defaults to the system time zone. More general information about time zones: https://www.iana.org/time-zones List of valid timezone values: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones' - type: string - status: - type: object - description: 'PingSourceStatus defines the observed state of PingSource (from the controller).' - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: 'CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents.' - type: array - items: - type: object - properties: - source: - description: 'Source is the CloudEvents source attribute.' - type: string - type: - description: 'Type refers to the CloudEvent type attribute.' - type: string - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the "Generation" of the Service that was last processed by the controller.' - type: integer - format: int64 - sinkUri: - description: 'SinkURI is the current active sink URI that has been configured for the Source.' - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: .status.sinkUri - - name: Schedule - type: string - jsonPath: .spec.schedule - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - !!merge <<: *version - name: v1 - served: true - storage: true - # v1 schema is identical to the v1beta2 schema - names: - categories: - - all - - knative - - sources - kind: PingSource - plural: pingsources - singular: pingsource - scope: Namespaced - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sequences.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Sequence defines a sequence of Subscribers that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Sequence. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of the last Subscriber gets sent to. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - steps: - description: Steps is the list of Destinations (processors / functions) that will be called in the order provided. Each step has its own delivery options - type: array - items: - type: object - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Sequence. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channelStatuses: - description: ChannelStatuses is an array of corresponding Channel statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriptionStatuses: - description: SubscriptionStatuses is an array of corresponding Subscription statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Sequence - plural: sequences - singular: sequence - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.6" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - duck.knative.dev/binding: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - name: sinkbindings.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'SinkBinding describes a Binding that is also a Source. The `sink` (from the Source duck) is resolved to a URL and then projected into the `subject` by augmenting the runtime contract of the referenced containers to have a `K_SINK` environment variable holding the endpoint to which to send cloud events.' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subject: - description: Subject references the resource(s) whose "runtime contract" should be augmented by Binding implementations. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. Mutually exclusive with Selector. - type: string - namespace: - description: Namespace of the referent. - type: string - selector: - description: Selector of the referents. Mutually exclusive with Name. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - - bindings - kind: SinkBinding - plural: sinkbindings - singular: sinkbinding - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: subscriptions.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Subscription routes events received on a Channel to a DNS name and corresponds to the subscriptions.channels.knative.dev CRD.' - type: object - properties: - spec: - type: object - properties: - channel: - description: 'Reference to a channel that will be used to create the subscription. You can specify only the following fields of the KReference: kind, apiVersion and name. The resource pointed by this KReference must meet the contract to the ChannelableSpec duck type. If the resource does not meet this contract it will be reflected in the Subscription''s status. This field is immutable. We have no good answer on what happens to the events that are currently in the channel being consumed from and what the semantics there should be. For now, you can always delete the Subscription and recreate it to point to a different channel, giving the user more control over what semantics should be used (drain the channel first, possibly have events dropped, etc.)' - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - delivery: - description: Delivery configuration - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - reply: - description: Reply specifies (optionally) how to handle events returned from the Subscriber target. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subscriber: - description: Subscriber is reference to (optional) function for processing events. Events from the Channel will be delivered here and replies are sent to a Destination as specified by the Reply. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - physicalSubscription: - description: PhysicalSubscription is the fully resolved values that this Subscription represents. - type: object - properties: - deadLetterSinkUri: - description: ReplyURI is the fully resolved URI for the spec.delivery.deadLetterSink. - type: string - replyUri: - description: ReplyURI is the fully resolved URI for the spec.reply. - type: string - subscriberUri: - description: SubscriberURI is the fully resolved URI for spec.subscriber. - type: string - additionalPrinterColumns: - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Subscription - plural: subscriptions - singular: subscription - categories: - - all - - knative - - messaging - shortNames: - - sub - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: triggers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Broker - type: string - jsonPath: .spec.broker - - name: Subscriber_URI - type: string - jsonPath: .status.subscriberUri - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Trigger represents a request to have events delivered to a subscriber from a Broker''s event pool.' - type: object - properties: - spec: - description: Spec defines the desired state of the Trigger. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - broker: - description: Broker is the broker that this trigger receives events from. - type: string - delivery: - description: Delivery contains the delivery spec for this specific trigger. - type: object - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - filter: - description: 'Filter is the filter to apply against all events from the Broker. Only events that pass this filter will be sent to the Subscriber. If not specified, will default to allowing all events. ' - type: object - properties: - attributes: - description: 'Attributes filters events by exact match on event context attributes. Each key in the map is compared with the equivalent key in the event context. An event passes the filter if all values are equal to the specified values. Nested context attributes are not supported as keys. Only string values are supported. ' - type: object - x-kubernetes-preserve-unknown-fields: true - subscriber: - description: Subscriber is the addressable that receives events from the Broker that pass the Filter. It is required. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Trigger. This data may be out of date. - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink for this Trigger, in case there is none this will fallback to it's Broker status DeadLetterSinkURI. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriberUri: - description: SubscriberURI is the resolved URI of the receiver for this Trigger. - type: string - names: - kind: Trigger - plural: triggers - singular: trigger - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "Addressables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/addressable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: service-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.6" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: serving-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.6" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - serving.knative.dev - resources: - - routes - - routes/status - - services - - services/status - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: channel-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.6" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - channels - - channels/status - verbs: - - get - - list - - watch - - apiGroups: - - messaging.knative.dev - resources: - - channels/finalizers - verbs: - - update ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: broker-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.6" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - eventing.knative.dev - resources: - - brokers - - brokers/status - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: flows-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.6" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - flows.knative.dev - resources: - - sequences - - sequences/status - - parallels - - parallels/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-broker-filter - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - - apiGroups: - - "eventing.knative.dev" - resources: - - "triggers" - - "triggers/status" - verbs: - - "get" - - "list" - - "watch" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-config-reader - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need read and update permissions on "Channelables". -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/channelable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: meta-channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.6" - duck.knative.dev/channelable: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "channelable-manipulator" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - channels - - channels/status - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.6" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-messaging-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.6" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["messaging.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-flows-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.6" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["flows.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-sources-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.6" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["sources.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-bindings-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.6" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["bindings.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-edit - labels: - rbac.authorization.k8s.io/aggregate-to-edit: "true" - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev", "messaging.knative.dev", "sources.knative.dev", "flows.knative.dev", "bindings.knative.dev"] - resources: ["*"] - verbs: ["create", "update", "patch", "delete"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-view - labels: - rbac.authorization.k8s.io/aggregate-to-view: "true" - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev", "messaging.knative.dev", "sources.knative.dev", "flows.knative.dev", "bindings.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-controller - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "namespaces" - - "secrets" - - "configmaps" - - "services" - - "endpoints" - - "events" - - "serviceaccounts" - - "pods" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # Brokers and the namespace annotation controllers manipulate Deployments. - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: *everything - # PingSource controller manipulates Deployment owner reference - - apiGroups: - - "apps" - resources: - - "deployments/finalizers" - verbs: - - "update" - # The namespace annotation controller needs to manipulate RoleBindings. - - apiGroups: - - "rbac.authorization.k8s.io" - resources: - - "rolebindings" - verbs: *everything - # Our own resources and statuses we care about. - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers" - - "brokers/status" - - "triggers" - - "triggers/status" - - "eventtypes" - - "eventtypes/status" - verbs: *everything - # Eventing resources and finalizers we care about. - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers/finalizers" - - "triggers/finalizers" - verbs: - - "update" - # Our own resources and statuses we care about. - - apiGroups: - - "messaging.knative.dev" - resources: - - "sequences" - - "sequences/status" - - "channels" - - "channels/status" - - "parallels" - - "parallels/status" - - "subscriptions" - - "subscriptions/status" - verbs: *everything - # Flow resources and statuses we care about. - - apiGroups: - - "flows.knative.dev" - resources: - - "sequences" - - "sequences/status" - - "parallels" - - "parallels/status" - verbs: *everything - # Messaging resources and finalizers we care about. - - apiGroups: - - "messaging.knative.dev" - resources: - - "sequences/finalizers" - - "parallels/finalizers" - - "channels/finalizers" - verbs: - - "update" - # Flows resources and finalizers we care about. - - apiGroups: - - "flows.knative.dev" - resources: - - "sequences/finalizers" - - "parallels/finalizers" - verbs: - - "update" - # The subscription controller needs to retrieve and watch CustomResourceDefinitions. - - apiGroups: - - "apiextensions.k8s.io" - resources: - - "customresourcedefinitions" - verbs: - - "get" - - "list" - - "watch" - # For leader election - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: *everything - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-pingsource-mt-adapter - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - - apiGroups: - - sources.knative.dev - resources: - - pingsources - - pingsources/status - verbs: - - get - - list - - watch - - patch - - apiGroups: - - sources.knative.dev - resources: - - pingsources/finalizers - verbs: - - "patch" - - apiGroups: - - "" - resources: - - events - verbs: - - "create" - - "patch" - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "PodSpecables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/podspecable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: builtin-podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.6" - duck.knative.dev/podspecable: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "podspecable-binding role. -rules: - # To patch the subjects of our bindings - - apiGroups: - - "apps" - resources: - - "deployments" - - "daemonsets" - - "statefulsets" - - "replicasets" - verbs: - - "list" - - "watch" - - "patch" - - apiGroups: - - "batch" - resources: - - "jobs" - verbs: - - "list" - - "watch" - - "patch" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need to read "Sources". -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: source-observer - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/source: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: eventing-sources-source-observer - labels: - eventing.knative.dev/release: "v1.8.6" - duck.knative.dev/source: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "source-observer" role. -rules: - - apiGroups: - - sources.knative.dev - resources: - - apiserversources - - pingsources - - sinkbindings - - containersources - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-sources-controller - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "secrets" - - "configmaps" - - "services" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # Deployments admin - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: *everything - # Source resources and statuses we care about. - - apiGroups: - - "sources.knative.dev" - resources: - - "sinkbindings" - - "sinkbindings/status" - - "sinkbindings/finalizers" - - "apiserversources" - - "apiserversources/status" - - "apiserversources/finalizers" - - "pingsources" - - "pingsources/status" - - "pingsources/finalizers" - - "containersources" - - "containersources/status" - - "containersources/finalizers" - verbs: *everything - # Knative Services admin - - apiGroups: - - serving.knative.dev - resources: - - services - verbs: *everything - # EventTypes admin - - apiGroups: - - eventing.knative.dev - resources: - - eventtypes - verbs: *everything - # Events admin - - apiGroups: - - "" - resources: - - events - verbs: *everything - # Authorization checker - - apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - # For watching logging configuration and getting certs. - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - # finalizers are needed for the owner reference of the webhook - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - # For getting our Deployment so we can decorate with ownerref. - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: - - "get" - - apiGroups: - - "apps" - resources: - - "deployments/finalizers" - verbs: - - update - # For actually registering our webhook. - - apiGroups: - - "admissionregistration.k8s.io" - resources: - - "mutatingwebhookconfigurations" - - "validatingwebhookconfigurations" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # For running the SinkBinding reconciler. - - apiGroups: - - "sources.knative.dev" - resources: - - "sinkbindings" - - "sinkbindings/status" - - "sinkbindings/finalizers" - verbs: *everything - # For leader election - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: *everything - # Necessary for conversion webhook. These are copied from the serving - # TODO: Do we really need all these permissions? - - apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: knative-eventing - name: knative-eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "secrets" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: config.webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Ignore - name: config.webhook.eventing.knative.dev - namespaceSelector: - matchExpressions: - - key: eventing.knative.dev/release - operator: Exists - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: webhook.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: validation.webhook.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: eventing-webhook-certs - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -# The data is populated at install time. - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: sinkbindings.webhook.sources.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - failurePolicy: Fail - sideEffects: None - name: sinkbindings.webhook.sources.knative.dev - timeoutSeconds: 10 - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.6/3-in-memory-channel.yaml b/cmd/operator/kodata/knative-eventing/1.8.6/3-in-memory-channel.yaml deleted file mode 100644 index db2f40286b..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.6/3-in-memory-channel.yaml +++ /dev/null @@ -1,1215 +0,0 @@ -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: imc-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: imc-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - namespace: knative-eventing - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: Role - name: knative-inmemorychannel-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-controller-resolver - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-dispatcher - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-dispatcher - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: imc-dispatcher - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-imc-event-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -data: - MaxIdleConnections: "1000" - MaxIdleConnectionsPerHost: "100" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f46cf09d" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or stackdriver. - # Note: Using stackdriver will incur additional charges - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. If non-empty, it enables queue proxy to send request metrics. - # Currently supported values: prometheus, stackdriver. - metrics.request-metrics-backend-destination: prometheus - - # metrics.stackdriver-project-id field specifies the stackdriver project ID. This - # field is optional. When running on GCE, application default credentials will be - # used if this field is not provided. - metrics.stackdriver-project-id: "" - - # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to - # Stackdriver using "global" resource type and custom metric type if the - # metrics are not supported by "knative_broker", "knative_trigger", and "knative_source" resource types. - # Setting this flag to "true" could cause extra Stackdriver charge. - # If metrics.backend-destination is not Stackdriver, this is ignored. - metrics.allow-stackdriver-custom-metrics: "false" - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Eventing pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - - # sink-event-error-reporting.enable whether the adapter reports a kube event to the CRD indicating - # a failure to send a cloud event to the sink. - sink-event-error-reporting.enable: "false" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "0492ceb0" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none". the default is "none" - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: imc-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/high-availability: "true" - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: controller - template: - metadata: - labels: - !!merge <<: *labels - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: imc-controller - enableServiceLinks: false - containers: - - name: controller - image: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_controller@sha256:4305175b9d63ac82407b9ec4359c888c668ac9d742b67ef6403e3644e59c5fff - env: - - name: WEBHOOK_NAME - value: inmemorychannel-webhook - - name: WEBHOOK_PORT - value: "8443" - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/inmemorychannel-controller - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: DISPATCHER_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_dispatcher@sha256:c022e012214395d5188f3ed0560f3766ef30dc21b71a1dd54140fb193775b39b - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: &probe - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 120 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - eventing.knative.dev/release: "v1.8.6" - name: inmemorychannel-webhook - namespace: knative-eventing -spec: - ports: - - name: https-webhook - port: 443 - targetPort: 8443 - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - selector: - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: controller - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: Service -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - selector: - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - ports: - - name: http-dispatcher - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9090 - targetPort: 9090 - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/high-availability: "true" - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - template: - metadata: - labels: - !!merge <<: *labels - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: imc-dispatcher - enableServiceLinks: false - containers: - - name: dispatcher - image: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_dispatcher@sha256:c022e012214395d5188f3ed0560f3766ef30dc21b71a1dd54140fb193775b39b - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - env: - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/inmemorychannel-dispatcher - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: CONTAINER_NAME - value: dispatcher - - name: MAX_IDLE_CONNS - value: "1000" - - name: MAX_IDLE_CONNS_PER_HOST - value: "1000" - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9090 - name: metrics - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: inmemorychannels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'InMemoryChannel is a resource representing an in memory channel' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter ref if one is specified in the Spec.Delivery. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: InMemoryChannel - plural: inmemorychannels - singular: inmemorychannel - categories: - - all - - knative - - messaging - - channel - shortNames: - - imc - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.6" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.6" - duck.knative.dev/channelable: "true" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "channelable-manipulator" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - - update - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - verbs: - - update - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - - inmemorychannels/status - - inmemorychannels - verbs: - - patch - - apiGroups: - - "" - resources: - - services - - serviceaccounts - verbs: &everything - - get - - list - - watch - - create - - update - - patch - - apiGroups: - - "" - resources: - - endpoints - verbs: - - get - - list - - watch - - apiGroups: - - "rbac.authorization.k8s.io" - resources: - - rolebindings - verbs: *everything - - apiGroups: - - apps - resources: - - deployments - verbs: *everything - - apiGroups: - - apps - resources: - - deployments/status - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: *everything - # For actually registering our webhook. - - apiGroups: - - "admissionregistration.k8s.io" - resources: - - "mutatingwebhookconfigurations" - - "validatingwebhookconfigurations" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - # finalizers are needed for the owner reference of the webhook - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-dispatcher - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - - apiGroups: - - "" # Core API group. - resources: - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - # Updates the finalizer so we can remove our handlers when channel is deleted - # Patches the status.subscribers to reflect when the subscription dataplane has been - # configured. - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - - inmemorychannels/status - - inmemorychannels - verbs: - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: knative-eventing - name: knative-inmemorychannel-webhook - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "secrets" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: inmemorychannel.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1"] - clientConfig: - service: - name: inmemorychannel-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: inmemorychannel.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.inmemorychannel.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1"] - clientConfig: - service: - name: inmemorychannel-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: validation.inmemorychannel.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: inmemorychannel-webhook-certs - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -# The data is populated at install time. - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.6/4-mt-channel-broker.yaml b/cmd/operator/kodata/knative-eventing/1.8.6/4-mt-channel-broker.yaml deleted file mode 100644 index 9435fd8d1c..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.6/4-mt-channel-broker.yaml +++ /dev/null @@ -1,675 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-channel-broker-controller - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - # Configs resources and status we care about. - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-broker-filter - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - eventing.knative.dev - resources: - - triggers - - triggers/status - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - get - - list - - watch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mt-broker-filter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - eventing.knative.dev - resources: - - brokers - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - get - - list - - watch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mt-broker-ingress - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-mt-channel-broker-controller - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-channel-broker-controller - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-mt-broker-filter - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: mt-broker-filter - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-broker-filter - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-mt-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: mt-broker-ingress - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-broker-ingress - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-filter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - eventing.knative.dev/brokerRole: filter - template: - metadata: - labels: - eventing.knative.dev/brokerRole: filter - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - spec: - serviceAccountName: mt-broker-filter - enableServiceLinks: false - containers: - - name: filter - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/filter@sha256:c94ddba31eccaf60b4a7a8cdbf7413130360e6a150d91421827ca3ab27ba3881 - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - resources: - requests: - cpu: 100m - memory: 100Mi - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9092 - name: metrics - protocol: TCP - terminationMessagePath: /dev/termination-log - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: CONTAINER_NAME - value: filter - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/internal/eventing - - name: FILTER_PORT - value: "8080" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/brokerRole: filter - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - name: broker-filter - namespace: knative-eventing -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9092 - protocol: TCP - targetPort: 9092 - selector: - eventing.knative.dev/brokerRole: filter - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-ingress - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - eventing.knative.dev/brokerRole: ingress - template: - metadata: - labels: - eventing.knative.dev/brokerRole: ingress - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - spec: - serviceAccountName: mt-broker-ingress - enableServiceLinks: false - containers: - - name: ingress - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/ingress@sha256:3b9242dba2e736e99a64c1169b2f55bc201218e8929bf9f9e96ead1b38ca45e6 - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - resources: - requests: - cpu: 100m - memory: 100Mi - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9092 - name: metrics - protocol: TCP - terminationMessagePath: /dev/termination-log - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: CONTAINER_NAME - value: ingress - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/internal/eventing - - name: INGRESS_PORT - value: "8080" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/brokerRole: ingress - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - name: broker-ingress - namespace: knative-eventing -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9092 - protocol: TCP - targetPort: 9092 - selector: - eventing.knative.dev/brokerRole: ingress - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/component: mt-broker-controller - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - app: mt-broker-controller - template: - metadata: - labels: - app: mt-broker-controller - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/component: broker-controller - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: mt-broker-controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-controller - enableServiceLinks: false - containers: - - name: mt-broker-controller - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtchannel_broker@sha256:1b24a36c336ec504a0e17069e2ccd91fcbdfc437508fe5ced9d4b464d5a66714 - resources: - requests: - cpu: 100m - memory: 100Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/eventing - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: broker-ingress-hpa - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: mt-broker-ingress - minReplicas: 1 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 ---- -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: broker-filter-hpa - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: mt-broker-filter - minReplicas: 1 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.6/5-eventing-post-install.yaml b/cmd/operator/kodata/knative-eventing/1.8.6/5-eventing-post-install.yaml deleted file mode 100644 index bb2089a7f9..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.6/5-eventing-post-install.yaml +++ /dev/null @@ -1,231 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-post-install-job-role - labels: - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing - eventing.knative.dev/release: "v1.8.6" -rules: - # Storage version upgrader needs to be able to patch CRDs. - - apiGroups: - - "apiextensions.k8s.io" - resources: - - "customresourcedefinitions" - - "customresourcedefinitions/status" - verbs: - - "get" - - "list" - - "update" - - "patch" - - "watch" - # Our own resources we care about. - - apiGroups: - - "sources.knative.dev" - resources: - - "apiserversources" - - "apiserversources/finalizers" - - "apiserversources/status" - - "containersources" - - "containersources/finalizers" - - "containersources/status" - - "pingsources" - - "pingsources/finalizers" - - "pingsources/status" - - "sinkbindings" - - "sinkbindings/finalizers" - - "sinkbindings/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers" - - "brokers/finalizers" - - "brokers/status" - - "eventtypes" - - "eventtypes/finalizers" - - "eventtypes/status" - - "triggers" - - "triggers/finalizers" - - "triggers/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "messaging.knative.dev" - resources: - - "channels" - - "channels/finalizers" - - "channels/status" - - "inmemorychannels" - - "inmemorychannels/finalizers" - - "inmemorychannels/status" - - "subscriptions" - - "subscriptions/finalizers" - - "subscriptions/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "flows.knative.dev" - resources: - - "parallels" - - "parallels/finalizers" - - "parallels/status" - - "sequences" - - "sequences/finalizers" - - "sequences/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "list" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: knative-eventing-post-install-job - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-post-install-job-role-binding - labels: - eventing.knative.dev/release: "v1.8.6" - app.kubernetes.io/version: "1.8.6" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: knative-eventing-post-install-job - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-post-install-job-role - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: batch/v1 -kind: Job -metadata: - generateName: storage-version-migration-eventing- - namespace: knative-eventing - labels: - app: "storage-version-migration-eventing" - app.kubernetes.io/name: knative-eventing - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.6" - eventing.knative.dev/release: "v1.8.6" -spec: - ttlSecondsAfterFinished: 600 - backoffLimit: 10 - template: - metadata: - labels: - app: "storage-version-migration-eventing" - app.kubernetes.io/name: knative-eventing - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.6" - eventing.knative.dev/release: "v1.8.6" - annotations: - sidecar.istio.io/inject: "false" - spec: - serviceAccountName: knative-eventing-post-install-job - restartPolicy: OnFailure - containers: - - name: migrate - image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:4a5f0d24deb5c4ee96a09929c7a34284bc85a29e9c34f137f5280aab3662fb9b - args: - - "apiserversources.sources.knative.dev" - - "brokers.eventing.knative.dev" - - "channels.messaging.knative.dev" - - "containersources.sources.knative.dev" - - "eventtypes.eventing.knative.dev" - - "inmemorychannels.messaging.knative.dev" - - "parallels.flows.knative.dev" - - "pingsources.sources.knative.dev" - - "sequences.flows.knative.dev" - - "sinkbindings.sources.knative.dev" - - "subscriptions.messaging.knative.dev" - - "triggers.eventing.knative.dev" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.7/1-eventing-crds.yaml b/cmd/operator/kodata/knative-eventing/1.8.7/1-eventing-crds.yaml deleted file mode 100644 index 78d451b4e7..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.7/1-eventing-crds.yaml +++ /dev/null @@ -1,2296 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - eventing.knative.dev/release: "v1.8.7" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.apiserver.resource.add" }, - { "type": "dev.knative.apiserver.resource.delete" }, - { "type": "dev.knative.apiserver.resource.update" }, - { "type": "dev.knative.apiserver.ref.add" }, - { "type": "dev.knative.apiserver.ref.delete" }, - { "type": "dev.knative.apiserver.ref.update" } - ] - name: apiserversources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ApiServerSource is an event source that brings Kubernetes API server events into Knative.' - type: object - properties: - spec: - type: object - required: - - resources - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - mode: - description: EventMode controls the format of the event. `Reference` sends a dataref event type for the resource under watch. `Resource` send the full resource lifecycle event. Defaults to `Reference` - type: string - owner: - description: ResourceOwner is an additional filter to only track resources that are owned by a specific resource type. If ResourceOwner matches Resources[n] then Resources[n] is allowed to pass the ResourceOwner filter. - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - resources: - description: Resource are the resources this source will track and send related lifecycle events from the Kubernetes ApiServer, with an optional label selector to help filter. - type: array - items: - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - selector: - description: 'LabelSelector filters this source to objects to those resources pass the label selector. More info: http://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount to use to run this source. Defaults to default if not set. - type: string - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - categories: - - all - - knative - - sources - kind: ApiServerSource - plural: apiserversources - singular: apiserversource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: brokers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Broker collects a pool of events that are consumable using Triggers. Brokers provide a well-known endpoint for event delivery that senders can use with minimal knowledge of the event routing strategy. Subscribers use Triggers to request delivery of events from a Broker''s pool to a specific URL or Addressable endpoint.' - type: object - properties: - spec: - description: Spec defines the desired state of the Broker. - type: object - properties: - config: - description: Config is a KReference to the configuration that specifies configuration options for this Broker. For example, this could be a pointer to a ConfigMap. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - delivery: - description: Delivery contains the delivery spec for each trigger to this Broker. Each trigger delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - status: - description: Status represents the current state of the Broker. This data may be out of date. - type: object - properties: - address: - description: Broker is Addressable. It exposes the endpoint as an URI to get events delivered into the Broker mesh. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Broker - plural: brokers - singular: broker - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: channels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Channel represents a generic Channel. It is normally used when we want a Channel, but do not need a specific Channel implementation.' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use to create the CRD Channel backing this Channel. This is immutable after creation. Normally this is set by the Channel defaulter, not directly by the user. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channel: - description: Channel is an KReference to the Channel CRD backing this Channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - names: - kind: Channel - plural: channels - singular: channel - categories: - - all - - knative - - messaging - - channel - shortNames: - - ch - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.7" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - name: containersources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ContainerSource is an event source that starts a container image which generates events under certain situations and sends messages to a sink URI' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - # WARNING: the schema tool can not parse PodTemplateSpec, stub here and redirect to Deployment documentation. - template: - type: object - x-kubernetes-preserve-unknown-fields: true - description: 'A template in the shape of `Deployment.spec.template` to be used for this ContainerSource. More info: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/' - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - kind: ContainerSource - plural: containersources - singular: containersource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventtypes.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'EventType represents a type of event that can be consumed from a Broker.' - properties: - spec: - description: 'Spec defines the desired state of the EventType.' - type: object - properties: - broker: - type: string - description: - description: 'Description is an optional field used to describe the EventType, in any meaningful way.' - type: string - schema: - description: 'Schema is a URI, it represents the CloudEvents schemaurl extension attribute. It may be a JSON schema, a protobuf schema, etc. It is optional.' - type: string - schemaData: - description: 'SchemaData allows the CloudEvents schema to be stored directly in the EventType. Content is dependent on the encoding. Optional attribute. The contents are not validated or manipulated by the system.' - type: string - source: - description: 'Source is a URI, it represents the CloudEvents source.' - type: string - type: - description: 'Type represents the CloudEvents type. It is authoritative.' - type: string - status: - description: 'Status represents the current state of the EventType. This data may be out of date.' - type: object - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the ''Generation'' of the Service that was last processed by the controller.' - type: integer - format: int64 - additionalPrinterColumns: - - name: Type - type: string - jsonPath: ".spec.type" - - name: Source - type: string - jsonPath: ".spec.source" - - name: Schema - type: string - jsonPath: ".spec.schema" - - name: Broker - type: string - jsonPath: ".spec.broker" - - name: Description - type: string - jsonPath: ".spec.description" - # TODO remove Status https://github.com/knative/eventing/issues/2750 - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: EventType - plural: eventtypes - singular: eventtype - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: parallels.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Parallel defines conditional branches that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Parallel. - type: object - properties: - branches: - description: Branches is the list of Filter/Subscribers pairs. - type: array - items: - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: &addressableProperties - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - filter: - description: Filter is the expression guarding the branch - type: object - properties: - !!merge <<: *addressableProperties - reply: - description: Reply is a Reference to where the result of Subscriber of this case gets sent to. If not specified, sent the result to the Parallel Reply - type: object - properties: - !!merge <<: *addressableProperties - subscriber: - description: Subscriber receiving the event when the filter passes - type: object - properties: - !!merge <<: *addressableProperties - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of a case Subscriber gets sent to when the case does not have a Reply - type: object - properties: - !!merge <<: *addressableProperties - status: - description: Status represents the current state of the Parallel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - branchStatuses: - description: BranchStatuses is an array of corresponding to branch statuses. Matches the Spec.Branches array in the order. - type: array - items: - type: object - properties: - filterChannelStatus: - description: FilterChannelStatus corresponds to the filter channel status. - type: object - properties: &channelProperties - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: &referentProperties - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: &readyConditionProperties - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - filterSubscriptionStatus: - description: FilterSubscriptionStatus corresponds to the filter subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - subscriberSubscriptionStatus: - description: SubscriptionStatus corresponds to the subscriber subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - properties: - !!merge <<: *readyConditionProperties - ingressChannelStatus: - description: IngressChannelStatus corresponds to the ingress channel status. - type: object - properties: - !!merge <<: *channelProperties - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Parallel - plural: parallels - singular: parallel - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.7" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.sources.ping" } - ] - name: pingsources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - &version - name: v1beta2 - served: true - storage: false - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'PingSource describes an event source with a fixed payload produced on a specified cron schedule.' - properties: - spec: - type: object - description: 'PingSourceSpec defines the desired state of the PingSource (from the client).' - properties: - ceOverrides: - description: 'CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink.' - type: object - properties: - extensions: - description: 'Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently.' - type: object - additionalProperties: - type: string - x-kubernetes-preserve-unknown-fields: true - contentType: - description: 'ContentType is the media type of `data` or `dataBase64`. Default is empty.' - type: string - data: - description: 'Data is data used as the body of the event posted to the sink. Default is empty. Mutually exclusive with `dataBase64`.' - type: string - dataBase64: - description: "DataBase64 is the base64-encoded string of the actual event's body posted to the sink. Default is empty. Mutually exclusive with `data`." - type: string - schedule: - description: 'Schedule is the cron schedule. Defaults to `* * * * *`.' - type: string - sink: - description: 'Sink is a reference to an object that will resolve to a uri to use as the sink.' - type: object - properties: - ref: - description: 'Ref points to an Addressable.' - type: object - properties: - apiVersion: - description: 'API version of the referent.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: 'URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.' - type: string - timezone: - description: 'Timezone modifies the actual time relative to the specified timezone. Defaults to the system time zone. More general information about time zones: https://www.iana.org/time-zones List of valid timezone values: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones' - type: string - status: - type: object - description: 'PingSourceStatus defines the observed state of PingSource (from the controller).' - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: 'CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents.' - type: array - items: - type: object - properties: - source: - description: 'Source is the CloudEvents source attribute.' - type: string - type: - description: 'Type refers to the CloudEvent type attribute.' - type: string - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the "Generation" of the Service that was last processed by the controller.' - type: integer - format: int64 - sinkUri: - description: 'SinkURI is the current active sink URI that has been configured for the Source.' - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: .status.sinkUri - - name: Schedule - type: string - jsonPath: .spec.schedule - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - !!merge <<: *version - name: v1 - served: true - storage: true - # v1 schema is identical to the v1beta2 schema - names: - categories: - - all - - knative - - sources - kind: PingSource - plural: pingsources - singular: pingsource - scope: Namespaced - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sequences.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Sequence defines a sequence of Subscribers that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Sequence. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of the last Subscriber gets sent to. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - steps: - description: Steps is the list of Destinations (processors / functions) that will be called in the order provided. Each step has its own delivery options - type: array - items: - type: object - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Sequence. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channelStatuses: - description: ChannelStatuses is an array of corresponding Channel statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriptionStatuses: - description: SubscriptionStatuses is an array of corresponding Subscription statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Sequence - plural: sequences - singular: sequence - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.7" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - duck.knative.dev/binding: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - name: sinkbindings.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'SinkBinding describes a Binding that is also a Source. The `sink` (from the Source duck) is resolved to a URL and then projected into the `subject` by augmenting the runtime contract of the referenced containers to have a `K_SINK` environment variable holding the endpoint to which to send cloud events.' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subject: - description: Subject references the resource(s) whose "runtime contract" should be augmented by Binding implementations. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. Mutually exclusive with Selector. - type: string - namespace: - description: Namespace of the referent. - type: string - selector: - description: Selector of the referents. Mutually exclusive with Name. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - - bindings - kind: SinkBinding - plural: sinkbindings - singular: sinkbinding - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: subscriptions.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Subscription routes events received on a Channel to a DNS name and corresponds to the subscriptions.channels.knative.dev CRD.' - type: object - properties: - spec: - type: object - properties: - channel: - description: 'Reference to a channel that will be used to create the subscription. You can specify only the following fields of the KReference: kind, apiVersion and name. The resource pointed by this KReference must meet the contract to the ChannelableSpec duck type. If the resource does not meet this contract it will be reflected in the Subscription''s status. This field is immutable. We have no good answer on what happens to the events that are currently in the channel being consumed from and what the semantics there should be. For now, you can always delete the Subscription and recreate it to point to a different channel, giving the user more control over what semantics should be used (drain the channel first, possibly have events dropped, etc.)' - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - delivery: - description: Delivery configuration - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - reply: - description: Reply specifies (optionally) how to handle events returned from the Subscriber target. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subscriber: - description: Subscriber is reference to (optional) function for processing events. Events from the Channel will be delivered here and replies are sent to a Destination as specified by the Reply. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - physicalSubscription: - description: PhysicalSubscription is the fully resolved values that this Subscription represents. - type: object - properties: - deadLetterSinkUri: - description: ReplyURI is the fully resolved URI for the spec.delivery.deadLetterSink. - type: string - replyUri: - description: ReplyURI is the fully resolved URI for the spec.reply. - type: string - subscriberUri: - description: SubscriberURI is the fully resolved URI for spec.subscriber. - type: string - additionalPrinterColumns: - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Subscription - plural: subscriptions - singular: subscription - categories: - - all - - knative - - messaging - shortNames: - - sub - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: triggers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Broker - type: string - jsonPath: .spec.broker - - name: Subscriber_URI - type: string - jsonPath: .status.subscriberUri - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Trigger represents a request to have events delivered to a subscriber from a Broker''s event pool.' - type: object - properties: - spec: - description: Spec defines the desired state of the Trigger. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - broker: - description: Broker is the broker that this trigger receives events from. - type: string - delivery: - description: Delivery contains the delivery spec for this specific trigger. - type: object - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - filter: - description: 'Filter is the filter to apply against all events from the Broker. Only events that pass this filter will be sent to the Subscriber. If not specified, will default to allowing all events. ' - type: object - properties: - attributes: - description: 'Attributes filters events by exact match on event context attributes. Each key in the map is compared with the equivalent key in the event context. An event passes the filter if all values are equal to the specified values. Nested context attributes are not supported as keys. Only string values are supported. ' - type: object - x-kubernetes-preserve-unknown-fields: true - subscriber: - description: Subscriber is the addressable that receives events from the Broker that pass the Filter. It is required. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Trigger. This data may be out of date. - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink for this Trigger, in case there is none this will fallback to it's Broker status DeadLetterSinkURI. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriberUri: - description: SubscriberURI is the resolved URI of the receiver for this Trigger. - type: string - names: - kind: Trigger - plural: triggers - singular: trigger - categories: - - all - - knative - - eventing - scope: Namespaced - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.7/2-eventing-core.yaml b/cmd/operator/kodata/knative-eventing/1.8.7/2-eventing-core.yaml deleted file mode 100644 index 37cc061937..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.7/2-eventing-core.yaml +++ /dev/null @@ -1,4640 +0,0 @@ -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: Namespace -metadata: - name: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: eventing-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-resolver - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-source-observer - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: source-observer - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-sources-controller - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-sources-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-manipulator - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: channelable-manipulator - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: pingsource-mt-adapter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-pingsource-mt-adapter - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: pingsource-mt-adapter - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-pingsource-mt-adapter - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - namespace: knative-eventing - name: eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: Role - name: knative-eventing-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook-resolver - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook-podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: podspecable-binding - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-br-default-channel - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -data: - channel-template-spec: | - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-br-defaults - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -data: - # Configures the default for any Broker that does not specify a spec.config or Broker class. - default-br-config: | - clusterDefault: - brokerClass: MTChannelBasedBroker - apiVersion: v1 - kind: ConfigMap - name: config-br-default-channel - namespace: knative-eventing - delivery: - retry: 10 - backoffPolicy: exponential - backoffDelay: PT0.2S - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: default-ch-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -data: - # Configuration for defaulting channels that do not specify CRD implementations. - default-ch-config: | - clusterDefault: - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - namespaceDefaults: - some-namespace: - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-ping-defaults - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - annotations: - knative.dev/example-checksum: "9185c153" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Max number of bytes allowed to be sent for message excluding any - # base64 decoding. Default is no limit set for data - data-max-size: -1 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-features - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -data: - # ALPHA feature: The kreference-group allows you to use the Group field in KReferences. - # For more details: https://github.com/knative/eventing/issues/5086 - kreference-group: "disabled" - # ALPHA feature: The delivery-retryafter allows you to use the RetryAfter field in DeliverySpec. - # For more details: https://github.com/knative/eventing/issues/5811 - delivery-retryafter: "disabled" - # BETA feature: The delivery-timeout allows you to use the Timeout field in DeliverySpec. - # For more details: https://github.com/knative/eventing/issues/5148 - delivery-timeout: "enabled" - # ALPHA feature: The kreference-mapping allows you to map kreference onto templated URI - # For more details: https://github.com/knative/eventing/issues/5593 - kreference-mapping: "disabled" - # BETA feature: The subscriber-strict flag force subscriptions to define a subscriber - # For more details: https://github.com/knative/eventing/issues/5756 - strict-subscriber: "enabled" - # ALPHA feature: The new-trigger-filters flag allows you to use the new `filters` field - # in Trigger objects with its rich filtering capabilities. - # For more details: https://github.com/knative/eventing/issues/5204 - new-trigger-filters: "disabled" - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-kreference-mapping - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - annotations: - knative.dev/example-checksum: "7375dbe1" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - - # this is an example of mapping from pod to addressable-pod service - # the data key must be of the form "kind.version.group" - # the data value must be a valid URL. Valid template data are: - # - Name: reference name - # - Namespace: reference namespace - # - SystemNamespace: knative namespace - # - UID: reference UID - # - # Pod.v1: https://addressable-pod.{{ .SystemNamespace }}.svc.cluster.local/{{ .Name }} - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-leader-election - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f7948630" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # lease-duration is how long non-leaders will wait to try to acquire the - # lock; 15 seconds is the value used by core kubernetes controllers. - lease-duration: "15s" - - # renew-deadline is how long a leader will try to renew the lease before - # giving up; 10 seconds is the value used by core kubernetes controllers. - renew-deadline: "10s" - - # retry-period is how long the leader election client waits between tries of - # actions; 2 seconds is the value used by core kubernetes controllers. - retry-period: "2s" - - # buckets is the number of buckets used to partition key space of each - # Reconciler. If this number is M and the replica number of the controller - # is N, the N replicas will compete for the M buckets. The owner of a - # bucket will take care of the reconciling for the keys partitioned into - # that bucket. - buckets: "1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-logging - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -data: - # Common configuration for all Knative codebase - zap-logger-config: | - { - "level": "info", - "development": false, - "outputPaths": ["stdout"], - "errorOutputPaths": ["stderr"], - "encoding": "json", - "encoderConfig": { - "timeKey": "ts", - "levelKey": "level", - "nameKey": "logger", - "callerKey": "caller", - "messageKey": "msg", - "stacktraceKey": "stacktrace", - "lineEnding": "", - "levelEncoder": "", - "timeEncoder": "iso8601", - "durationEncoder": "", - "callerEncoder": "" - } - } - # Log level overrides - # For all components changes are be picked up immediately. - loglevel.controller: "info" - loglevel.webhook: "info" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f46cf09d" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or stackdriver. - # Note: Using stackdriver will incur additional charges - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. If non-empty, it enables queue proxy to send request metrics. - # Currently supported values: prometheus, stackdriver. - metrics.request-metrics-backend-destination: prometheus - - # metrics.stackdriver-project-id field specifies the stackdriver project ID. This - # field is optional. When running on GCE, application default credentials will be - # used if this field is not provided. - metrics.stackdriver-project-id: "" - - # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to - # Stackdriver using "global" resource type and custom metric type if the - # metrics are not supported by "knative_broker", "knative_trigger", and "knative_source" resource types. - # Setting this flag to "true" could cause extra Stackdriver charge. - # If metrics.backend-destination is not Stackdriver, this is ignored. - metrics.allow-stackdriver-custom-metrics: "false" - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Eventing pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - - # sink-event-error-reporting.enable whether the adapter reports a kube event to the CRD indicating - # a failure to send a cloud event to the sink. - sink-event-error-reporting.enable: "false" - ---- -# Copyright 2022 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-sugar - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "62dfac6f" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # namespace-selector specifies a LabelSelector which - # determines which namespaces the Sugar Controller should operate upon - # Use an empty value to disable the feature (this is the default): - namespace-selector: "" - - # Use an empty object as a string to enable for all namespaces - namespace-selector: "{}" - - # trigger-selector specifies a LabelSelector which - # determines which triggers the Sugar Controller should operate upon - # Use an empty value to disable the feature (this is the default): - trigger-selector: "" - - # Use an empty object as string to enable for all triggers - trigger-selector: "{}" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "0492ceb0" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none". the default is "none" - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: eventing-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/high-availability: "true" - app.kubernetes.io/component: eventing-controller - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - app: eventing-controller - template: - metadata: - labels: - app: eventing-controller - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/component: eventing-controller - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: eventing-controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-controller - enableServiceLinks: false - containers: - - name: eventing-controller - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/controller@sha256:76669fc90a466187859ca47222efedbfb9214fe0814c0075c6187dde824a4940 - resources: - requests: - cpu: 100m - memory: 100Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/eventing - # APIServerSource - - name: APISERVER_RA_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing/cmd/apiserver_receive_adapter@sha256:df7c6c7690982cadbf953de0d5d897d2acc759ba11f18a5cbc45751f112a0dd6 - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - ## Adapter settings - # - name: K_LOGGING_CONFIG - # value: '' - # - name: K_LEADER_ELECTION_CONFIG - # value: '' - # - name: K_NO_SHUTDOWN_AFTER - # value: '' - ## Time in seconds the adapter will wait for the sink to respond. Default is no timeout - # - name: K_SINK_TIMEOUT - # value: '' - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - livenessProbe: - httpGet: - path: /health - port: probes - scheme: HTTP - initialDelaySeconds: 20 - periodSeconds: 10 - timeoutSeconds: 5 - readinessProbe: - httpGet: - path: /readiness - port: probes - scheme: HTTP - initialDelaySeconds: 20 - periodSeconds: 10 - timeoutSeconds: 5 - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: probes - containerPort: 8080 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: pingsource-mt-adapter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/component: pingsource-mt-adapter - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - # when set to 0 (and only 0) will be set to 1 when the first PingSource is created. - replicas: 0 - selector: - matchLabels: &labels - eventing.knative.dev/source: ping-source-controller - sources.knative.dev/role: adapter - template: - metadata: - labels: - !!merge <<: *labels - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/component: pingsource-mt-adapter - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - enableServiceLinks: false - containers: - - name: dispatcher - image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtping@sha256:9671bcff9dc7ee87e6bf07d905e5c056916e10f59d7c386da06aea4645556ce2 - env: - - name: SYSTEM_NAMESPACE - value: '' - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: NAMESPACE - value: '' - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - # DO NOT MODIFY: The values below are being filled by the ping source controller - # See 500-controller.yaml - - name: K_METRICS_CONFIG - value: '' - - name: K_LOGGING_CONFIG - value: '' - - name: K_LEADER_ELECTION_CONFIG - value: '' - - name: K_NO_SHUTDOWN_AFTER - value: '' - - name: K_SINK_TIMEOUT - value: '-1' - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - ports: - - containerPort: 9090 - name: metrics - protocol: TCP - resources: - requests: - cpu: 125m - memory: 64Mi - limits: - cpu: 1000m - memory: 2048Mi - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - serviceAccountName: pingsource-mt-adapter - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: eventing-webhook - minReplicas: 1 - maxReplicas: 5 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 100 ---- -# Webhook PDB. -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - minAvailable: 80% - selector: - matchLabels: - app: eventing-webhook - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - app: eventing-webhook - role: eventing-webhook - template: - metadata: - labels: - !!merge <<: *labels - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: eventing-webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-webhook - enableServiceLinks: false - containers: - - name: eventing-webhook - terminationMessagePolicy: FallbackToLogsOnError - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/eventing/cmd/webhook@sha256:3675f9254938cecf5e24af746f51e004c2ecbecba06872defa217f659e38c3a2 - resources: - requests: - # taken from serving. - cpu: 100m - memory: 50Mi - limits: - # taken from serving. - cpu: 200m - memory: 200Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: METRICS_DOMAIN - value: knative.dev/eventing - - name: WEBHOOK_NAME - value: eventing-webhook - - name: WEBHOOK_PORT - value: "8443" - # SINK_BINDING_SELECTION_MODE specifies the NamespaceSelector and ObjectSelector - # for the sinkbinding webhook. - # If `inclusion` is selected, namespaces/objects labelled as `bindings.knative.dev/include:true` - # will be considered by the sinkbinding webhook; - # If `exclusion` is selected, namespaces/objects labelled as `bindings.knative.dev/exclude:true` - # will NOT be considered by the sinkbinding webhook. - # The default is `exclusion`. - - name: SINK_BINDING_SELECTION_MODE - value: "exclusion" - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: https-webhook - containerPort: 8443 - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - readinessProbe: &probe - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 120 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/release: "v1.8.7" - role: eventing-webhook - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - name: eventing-webhook - namespace: knative-eventing -spec: - ports: - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: eventing-webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - eventing.knative.dev/release: "v1.8.7" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.apiserver.resource.add" }, - { "type": "dev.knative.apiserver.resource.delete" }, - { "type": "dev.knative.apiserver.resource.update" }, - { "type": "dev.knative.apiserver.ref.add" }, - { "type": "dev.knative.apiserver.ref.delete" }, - { "type": "dev.knative.apiserver.ref.update" } - ] - name: apiserversources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ApiServerSource is an event source that brings Kubernetes API server events into Knative.' - type: object - properties: - spec: - type: object - required: - - resources - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - mode: - description: EventMode controls the format of the event. `Reference` sends a dataref event type for the resource under watch. `Resource` send the full resource lifecycle event. Defaults to `Reference` - type: string - owner: - description: ResourceOwner is an additional filter to only track resources that are owned by a specific resource type. If ResourceOwner matches Resources[n] then Resources[n] is allowed to pass the ResourceOwner filter. - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - resources: - description: Resource are the resources this source will track and send related lifecycle events from the Kubernetes ApiServer, with an optional label selector to help filter. - type: array - items: - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - selector: - description: 'LabelSelector filters this source to objects to those resources pass the label selector. More info: http://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount to use to run this source. Defaults to default if not set. - type: string - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - categories: - - all - - knative - - sources - kind: ApiServerSource - plural: apiserversources - singular: apiserversource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: brokers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Broker collects a pool of events that are consumable using Triggers. Brokers provide a well-known endpoint for event delivery that senders can use with minimal knowledge of the event routing strategy. Subscribers use Triggers to request delivery of events from a Broker''s pool to a specific URL or Addressable endpoint.' - type: object - properties: - spec: - description: Spec defines the desired state of the Broker. - type: object - properties: - config: - description: Config is a KReference to the configuration that specifies configuration options for this Broker. For example, this could be a pointer to a ConfigMap. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - delivery: - description: Delivery contains the delivery spec for each trigger to this Broker. Each trigger delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - status: - description: Status represents the current state of the Broker. This data may be out of date. - type: object - properties: - address: - description: Broker is Addressable. It exposes the endpoint as an URI to get events delivered into the Broker mesh. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Broker - plural: brokers - singular: broker - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: channels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Channel represents a generic Channel. It is normally used when we want a Channel, but do not need a specific Channel implementation.' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use to create the CRD Channel backing this Channel. This is immutable after creation. Normally this is set by the Channel defaulter, not directly by the user. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channel: - description: Channel is an KReference to the Channel CRD backing this Channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - names: - kind: Channel - plural: channels - singular: channel - categories: - - all - - knative - - messaging - - channel - shortNames: - - ch - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.7" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - name: containersources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ContainerSource is an event source that starts a container image which generates events under certain situations and sends messages to a sink URI' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - # WARNING: the schema tool can not parse PodTemplateSpec, stub here and redirect to Deployment documentation. - template: - type: object - x-kubernetes-preserve-unknown-fields: true - description: 'A template in the shape of `Deployment.spec.template` to be used for this ContainerSource. More info: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/' - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - kind: ContainerSource - plural: containersources - singular: containersource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventtypes.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'EventType represents a type of event that can be consumed from a Broker.' - properties: - spec: - description: 'Spec defines the desired state of the EventType.' - type: object - properties: - broker: - type: string - description: - description: 'Description is an optional field used to describe the EventType, in any meaningful way.' - type: string - schema: - description: 'Schema is a URI, it represents the CloudEvents schemaurl extension attribute. It may be a JSON schema, a protobuf schema, etc. It is optional.' - type: string - schemaData: - description: 'SchemaData allows the CloudEvents schema to be stored directly in the EventType. Content is dependent on the encoding. Optional attribute. The contents are not validated or manipulated by the system.' - type: string - source: - description: 'Source is a URI, it represents the CloudEvents source.' - type: string - type: - description: 'Type represents the CloudEvents type. It is authoritative.' - type: string - status: - description: 'Status represents the current state of the EventType. This data may be out of date.' - type: object - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the ''Generation'' of the Service that was last processed by the controller.' - type: integer - format: int64 - additionalPrinterColumns: - - name: Type - type: string - jsonPath: ".spec.type" - - name: Source - type: string - jsonPath: ".spec.source" - - name: Schema - type: string - jsonPath: ".spec.schema" - - name: Broker - type: string - jsonPath: ".spec.broker" - - name: Description - type: string - jsonPath: ".spec.description" - # TODO remove Status https://github.com/knative/eventing/issues/2750 - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: EventType - plural: eventtypes - singular: eventtype - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: parallels.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Parallel defines conditional branches that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Parallel. - type: object - properties: - branches: - description: Branches is the list of Filter/Subscribers pairs. - type: array - items: - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: &addressableProperties - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - filter: - description: Filter is the expression guarding the branch - type: object - properties: - !!merge <<: *addressableProperties - reply: - description: Reply is a Reference to where the result of Subscriber of this case gets sent to. If not specified, sent the result to the Parallel Reply - type: object - properties: - !!merge <<: *addressableProperties - subscriber: - description: Subscriber receiving the event when the filter passes - type: object - properties: - !!merge <<: *addressableProperties - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of a case Subscriber gets sent to when the case does not have a Reply - type: object - properties: - !!merge <<: *addressableProperties - status: - description: Status represents the current state of the Parallel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - branchStatuses: - description: BranchStatuses is an array of corresponding to branch statuses. Matches the Spec.Branches array in the order. - type: array - items: - type: object - properties: - filterChannelStatus: - description: FilterChannelStatus corresponds to the filter channel status. - type: object - properties: &channelProperties - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: &referentProperties - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: &readyConditionProperties - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - filterSubscriptionStatus: - description: FilterSubscriptionStatus corresponds to the filter subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - subscriberSubscriptionStatus: - description: SubscriptionStatus corresponds to the subscriber subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - properties: - !!merge <<: *readyConditionProperties - ingressChannelStatus: - description: IngressChannelStatus corresponds to the ingress channel status. - type: object - properties: - !!merge <<: *channelProperties - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Parallel - plural: parallels - singular: parallel - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.7" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.sources.ping" } - ] - name: pingsources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - &version - name: v1beta2 - served: true - storage: false - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'PingSource describes an event source with a fixed payload produced on a specified cron schedule.' - properties: - spec: - type: object - description: 'PingSourceSpec defines the desired state of the PingSource (from the client).' - properties: - ceOverrides: - description: 'CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink.' - type: object - properties: - extensions: - description: 'Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently.' - type: object - additionalProperties: - type: string - x-kubernetes-preserve-unknown-fields: true - contentType: - description: 'ContentType is the media type of `data` or `dataBase64`. Default is empty.' - type: string - data: - description: 'Data is data used as the body of the event posted to the sink. Default is empty. Mutually exclusive with `dataBase64`.' - type: string - dataBase64: - description: "DataBase64 is the base64-encoded string of the actual event's body posted to the sink. Default is empty. Mutually exclusive with `data`." - type: string - schedule: - description: 'Schedule is the cron schedule. Defaults to `* * * * *`.' - type: string - sink: - description: 'Sink is a reference to an object that will resolve to a uri to use as the sink.' - type: object - properties: - ref: - description: 'Ref points to an Addressable.' - type: object - properties: - apiVersion: - description: 'API version of the referent.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: 'URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.' - type: string - timezone: - description: 'Timezone modifies the actual time relative to the specified timezone. Defaults to the system time zone. More general information about time zones: https://www.iana.org/time-zones List of valid timezone values: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones' - type: string - status: - type: object - description: 'PingSourceStatus defines the observed state of PingSource (from the controller).' - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: 'CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents.' - type: array - items: - type: object - properties: - source: - description: 'Source is the CloudEvents source attribute.' - type: string - type: - description: 'Type refers to the CloudEvent type attribute.' - type: string - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the "Generation" of the Service that was last processed by the controller.' - type: integer - format: int64 - sinkUri: - description: 'SinkURI is the current active sink URI that has been configured for the Source.' - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: .status.sinkUri - - name: Schedule - type: string - jsonPath: .spec.schedule - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - !!merge <<: *version - name: v1 - served: true - storage: true - # v1 schema is identical to the v1beta2 schema - names: - categories: - - all - - knative - - sources - kind: PingSource - plural: pingsources - singular: pingsource - scope: Namespaced - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sequences.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Sequence defines a sequence of Subscribers that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Sequence. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of the last Subscriber gets sent to. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - steps: - description: Steps is the list of Destinations (processors / functions) that will be called in the order provided. Each step has its own delivery options - type: array - items: - type: object - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Sequence. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channelStatuses: - description: ChannelStatuses is an array of corresponding Channel statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriptionStatuses: - description: SubscriptionStatuses is an array of corresponding Subscription statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Sequence - plural: sequences - singular: sequence - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.7" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - duck.knative.dev/binding: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - name: sinkbindings.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'SinkBinding describes a Binding that is also a Source. The `sink` (from the Source duck) is resolved to a URL and then projected into the `subject` by augmenting the runtime contract of the referenced containers to have a `K_SINK` environment variable holding the endpoint to which to send cloud events.' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subject: - description: Subject references the resource(s) whose "runtime contract" should be augmented by Binding implementations. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. Mutually exclusive with Selector. - type: string - namespace: - description: Namespace of the referent. - type: string - selector: - description: Selector of the referents. Mutually exclusive with Name. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - - bindings - kind: SinkBinding - plural: sinkbindings - singular: sinkbinding - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: subscriptions.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Subscription routes events received on a Channel to a DNS name and corresponds to the subscriptions.channels.knative.dev CRD.' - type: object - properties: - spec: - type: object - properties: - channel: - description: 'Reference to a channel that will be used to create the subscription. You can specify only the following fields of the KReference: kind, apiVersion and name. The resource pointed by this KReference must meet the contract to the ChannelableSpec duck type. If the resource does not meet this contract it will be reflected in the Subscription''s status. This field is immutable. We have no good answer on what happens to the events that are currently in the channel being consumed from and what the semantics there should be. For now, you can always delete the Subscription and recreate it to point to a different channel, giving the user more control over what semantics should be used (drain the channel first, possibly have events dropped, etc.)' - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - delivery: - description: Delivery configuration - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - reply: - description: Reply specifies (optionally) how to handle events returned from the Subscriber target. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subscriber: - description: Subscriber is reference to (optional) function for processing events. Events from the Channel will be delivered here and replies are sent to a Destination as specified by the Reply. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - physicalSubscription: - description: PhysicalSubscription is the fully resolved values that this Subscription represents. - type: object - properties: - deadLetterSinkUri: - description: ReplyURI is the fully resolved URI for the spec.delivery.deadLetterSink. - type: string - replyUri: - description: ReplyURI is the fully resolved URI for the spec.reply. - type: string - subscriberUri: - description: SubscriberURI is the fully resolved URI for spec.subscriber. - type: string - additionalPrinterColumns: - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Subscription - plural: subscriptions - singular: subscription - categories: - - all - - knative - - messaging - shortNames: - - sub - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: triggers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Broker - type: string - jsonPath: .spec.broker - - name: Subscriber_URI - type: string - jsonPath: .status.subscriberUri - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Trigger represents a request to have events delivered to a subscriber from a Broker''s event pool.' - type: object - properties: - spec: - description: Spec defines the desired state of the Trigger. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - broker: - description: Broker is the broker that this trigger receives events from. - type: string - delivery: - description: Delivery contains the delivery spec for this specific trigger. - type: object - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - filter: - description: 'Filter is the filter to apply against all events from the Broker. Only events that pass this filter will be sent to the Subscriber. If not specified, will default to allowing all events. ' - type: object - properties: - attributes: - description: 'Attributes filters events by exact match on event context attributes. Each key in the map is compared with the equivalent key in the event context. An event passes the filter if all values are equal to the specified values. Nested context attributes are not supported as keys. Only string values are supported. ' - type: object - x-kubernetes-preserve-unknown-fields: true - subscriber: - description: Subscriber is the addressable that receives events from the Broker that pass the Filter. It is required. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Trigger. This data may be out of date. - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink for this Trigger, in case there is none this will fallback to it's Broker status DeadLetterSinkURI. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriberUri: - description: SubscriberURI is the resolved URI of the receiver for this Trigger. - type: string - names: - kind: Trigger - plural: triggers - singular: trigger - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "Addressables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/addressable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: service-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.7" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: serving-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.7" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - serving.knative.dev - resources: - - routes - - routes/status - - services - - services/status - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: channel-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.7" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - channels - - channels/status - verbs: - - get - - list - - watch - - apiGroups: - - messaging.knative.dev - resources: - - channels/finalizers - verbs: - - update ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: broker-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.7" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - eventing.knative.dev - resources: - - brokers - - brokers/status - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: flows-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.7" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - flows.knative.dev - resources: - - sequences - - sequences/status - - parallels - - parallels/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-broker-filter - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - - apiGroups: - - "eventing.knative.dev" - resources: - - "triggers" - - "triggers/status" - verbs: - - "get" - - "list" - - "watch" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-config-reader - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need read and update permissions on "Channelables". -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/channelable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: meta-channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.7" - duck.knative.dev/channelable: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "channelable-manipulator" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - channels - - channels/status - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.7" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-messaging-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.7" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["messaging.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-flows-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.7" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["flows.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-sources-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.7" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["sources.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-bindings-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.7" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["bindings.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-edit - labels: - rbac.authorization.k8s.io/aggregate-to-edit: "true" - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev", "messaging.knative.dev", "sources.knative.dev", "flows.knative.dev", "bindings.knative.dev"] - resources: ["*"] - verbs: ["create", "update", "patch", "delete"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-view - labels: - rbac.authorization.k8s.io/aggregate-to-view: "true" - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev", "messaging.knative.dev", "sources.knative.dev", "flows.knative.dev", "bindings.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-controller - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "namespaces" - - "secrets" - - "configmaps" - - "services" - - "endpoints" - - "events" - - "serviceaccounts" - - "pods" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # Brokers and the namespace annotation controllers manipulate Deployments. - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: *everything - # PingSource controller manipulates Deployment owner reference - - apiGroups: - - "apps" - resources: - - "deployments/finalizers" - verbs: - - "update" - # The namespace annotation controller needs to manipulate RoleBindings. - - apiGroups: - - "rbac.authorization.k8s.io" - resources: - - "rolebindings" - verbs: *everything - # Our own resources and statuses we care about. - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers" - - "brokers/status" - - "triggers" - - "triggers/status" - - "eventtypes" - - "eventtypes/status" - verbs: *everything - # Eventing resources and finalizers we care about. - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers/finalizers" - - "triggers/finalizers" - verbs: - - "update" - # Our own resources and statuses we care about. - - apiGroups: - - "messaging.knative.dev" - resources: - - "sequences" - - "sequences/status" - - "channels" - - "channels/status" - - "parallels" - - "parallels/status" - - "subscriptions" - - "subscriptions/status" - verbs: *everything - # Flow resources and statuses we care about. - - apiGroups: - - "flows.knative.dev" - resources: - - "sequences" - - "sequences/status" - - "parallels" - - "parallels/status" - verbs: *everything - # Messaging resources and finalizers we care about. - - apiGroups: - - "messaging.knative.dev" - resources: - - "sequences/finalizers" - - "parallels/finalizers" - - "channels/finalizers" - verbs: - - "update" - # Flows resources and finalizers we care about. - - apiGroups: - - "flows.knative.dev" - resources: - - "sequences/finalizers" - - "parallels/finalizers" - verbs: - - "update" - # The subscription controller needs to retrieve and watch CustomResourceDefinitions. - - apiGroups: - - "apiextensions.k8s.io" - resources: - - "customresourcedefinitions" - verbs: - - "get" - - "list" - - "watch" - # For leader election - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: *everything - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-pingsource-mt-adapter - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - - apiGroups: - - sources.knative.dev - resources: - - pingsources - - pingsources/status - verbs: - - get - - list - - watch - - patch - - apiGroups: - - sources.knative.dev - resources: - - pingsources/finalizers - verbs: - - "patch" - - apiGroups: - - "" - resources: - - events - verbs: - - "create" - - "patch" - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "PodSpecables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/podspecable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: builtin-podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.7" - duck.knative.dev/podspecable: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "podspecable-binding role. -rules: - # To patch the subjects of our bindings - - apiGroups: - - "apps" - resources: - - "deployments" - - "daemonsets" - - "statefulsets" - - "replicasets" - verbs: - - "list" - - "watch" - - "patch" - - apiGroups: - - "batch" - resources: - - "jobs" - verbs: - - "list" - - "watch" - - "patch" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need to read "Sources". -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: source-observer - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/source: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: eventing-sources-source-observer - labels: - eventing.knative.dev/release: "v1.8.7" - duck.knative.dev/source: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "source-observer" role. -rules: - - apiGroups: - - sources.knative.dev - resources: - - apiserversources - - pingsources - - sinkbindings - - containersources - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-sources-controller - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "secrets" - - "configmaps" - - "services" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # Deployments admin - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: *everything - # Source resources and statuses we care about. - - apiGroups: - - "sources.knative.dev" - resources: - - "sinkbindings" - - "sinkbindings/status" - - "sinkbindings/finalizers" - - "apiserversources" - - "apiserversources/status" - - "apiserversources/finalizers" - - "pingsources" - - "pingsources/status" - - "pingsources/finalizers" - - "containersources" - - "containersources/status" - - "containersources/finalizers" - verbs: *everything - # Knative Services admin - - apiGroups: - - serving.knative.dev - resources: - - services - verbs: *everything - # EventTypes admin - - apiGroups: - - eventing.knative.dev - resources: - - eventtypes - verbs: *everything - # Events admin - - apiGroups: - - "" - resources: - - events - verbs: *everything - # Authorization checker - - apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - # For watching logging configuration and getting certs. - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - # finalizers are needed for the owner reference of the webhook - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - # For getting our Deployment so we can decorate with ownerref. - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: - - "get" - - apiGroups: - - "apps" - resources: - - "deployments/finalizers" - verbs: - - update - # For actually registering our webhook. - - apiGroups: - - "admissionregistration.k8s.io" - resources: - - "mutatingwebhookconfigurations" - - "validatingwebhookconfigurations" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # For running the SinkBinding reconciler. - - apiGroups: - - "sources.knative.dev" - resources: - - "sinkbindings" - - "sinkbindings/status" - - "sinkbindings/finalizers" - verbs: *everything - # For leader election - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: *everything - # Necessary for conversion webhook. These are copied from the serving - # TODO: Do we really need all these permissions? - - apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: knative-eventing - name: knative-eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "secrets" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: config.webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Ignore - name: config.webhook.eventing.knative.dev - namespaceSelector: - matchExpressions: - - key: eventing.knative.dev/release - operator: Exists - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: webhook.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: validation.webhook.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: eventing-webhook-certs - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -# The data is populated at install time. - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: sinkbindings.webhook.sources.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - failurePolicy: Fail - sideEffects: None - name: sinkbindings.webhook.sources.knative.dev - timeoutSeconds: 10 - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.7/3-in-memory-channel.yaml b/cmd/operator/kodata/knative-eventing/1.8.7/3-in-memory-channel.yaml deleted file mode 100644 index 15bff99c10..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.7/3-in-memory-channel.yaml +++ /dev/null @@ -1,1215 +0,0 @@ -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: imc-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: imc-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - namespace: knative-eventing - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: Role - name: knative-inmemorychannel-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-controller-resolver - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-dispatcher - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-dispatcher - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: imc-dispatcher - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-imc-event-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -data: - MaxIdleConnections: "1000" - MaxIdleConnectionsPerHost: "100" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f46cf09d" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or stackdriver. - # Note: Using stackdriver will incur additional charges - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. If non-empty, it enables queue proxy to send request metrics. - # Currently supported values: prometheus, stackdriver. - metrics.request-metrics-backend-destination: prometheus - - # metrics.stackdriver-project-id field specifies the stackdriver project ID. This - # field is optional. When running on GCE, application default credentials will be - # used if this field is not provided. - metrics.stackdriver-project-id: "" - - # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to - # Stackdriver using "global" resource type and custom metric type if the - # metrics are not supported by "knative_broker", "knative_trigger", and "knative_source" resource types. - # Setting this flag to "true" could cause extra Stackdriver charge. - # If metrics.backend-destination is not Stackdriver, this is ignored. - metrics.allow-stackdriver-custom-metrics: "false" - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Eventing pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - - # sink-event-error-reporting.enable whether the adapter reports a kube event to the CRD indicating - # a failure to send a cloud event to the sink. - sink-event-error-reporting.enable: "false" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "0492ceb0" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none". the default is "none" - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: imc-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/high-availability: "true" - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: controller - template: - metadata: - labels: - !!merge <<: *labels - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: imc-controller - enableServiceLinks: false - containers: - - name: controller - image: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_controller@sha256:21dafea17f000b9491182c66deb7682252864f19b50b847aaa7c40186e9f4c58 - env: - - name: WEBHOOK_NAME - value: inmemorychannel-webhook - - name: WEBHOOK_PORT - value: "8443" - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/inmemorychannel-controller - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: DISPATCHER_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_dispatcher@sha256:bb07181df9a2014564aec5973d1277042659455f9382528e7f67b86e8127fe7c - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: &probe - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 120 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - eventing.knative.dev/release: "v1.8.7" - name: inmemorychannel-webhook - namespace: knative-eventing -spec: - ports: - - name: https-webhook - port: 443 - targetPort: 8443 - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - selector: - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: controller - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: Service -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - selector: - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - ports: - - name: http-dispatcher - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9090 - targetPort: 9090 - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/high-availability: "true" - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - template: - metadata: - labels: - !!merge <<: *labels - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: imc-dispatcher - enableServiceLinks: false - containers: - - name: dispatcher - image: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_dispatcher@sha256:bb07181df9a2014564aec5973d1277042659455f9382528e7f67b86e8127fe7c - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - env: - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/inmemorychannel-dispatcher - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: CONTAINER_NAME - value: dispatcher - - name: MAX_IDLE_CONNS - value: "1000" - - name: MAX_IDLE_CONNS_PER_HOST - value: "1000" - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9090 - name: metrics - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: inmemorychannels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'InMemoryChannel is a resource representing an in memory channel' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter ref if one is specified in the Spec.Delivery. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: InMemoryChannel - plural: inmemorychannels - singular: inmemorychannel - categories: - - all - - knative - - messaging - - channel - shortNames: - - imc - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.7" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.7" - duck.knative.dev/channelable: "true" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "channelable-manipulator" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - - update - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - verbs: - - update - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - - inmemorychannels/status - - inmemorychannels - verbs: - - patch - - apiGroups: - - "" - resources: - - services - - serviceaccounts - verbs: &everything - - get - - list - - watch - - create - - update - - patch - - apiGroups: - - "" - resources: - - endpoints - verbs: - - get - - list - - watch - - apiGroups: - - "rbac.authorization.k8s.io" - resources: - - rolebindings - verbs: *everything - - apiGroups: - - apps - resources: - - deployments - verbs: *everything - - apiGroups: - - apps - resources: - - deployments/status - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: *everything - # For actually registering our webhook. - - apiGroups: - - "admissionregistration.k8s.io" - resources: - - "mutatingwebhookconfigurations" - - "validatingwebhookconfigurations" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - # finalizers are needed for the owner reference of the webhook - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-dispatcher - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - - apiGroups: - - "" # Core API group. - resources: - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - # Updates the finalizer so we can remove our handlers when channel is deleted - # Patches the status.subscribers to reflect when the subscription dataplane has been - # configured. - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - - inmemorychannels/status - - inmemorychannels - verbs: - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: knative-eventing - name: knative-inmemorychannel-webhook - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "secrets" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: inmemorychannel.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1"] - clientConfig: - service: - name: inmemorychannel-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: inmemorychannel.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.inmemorychannel.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1"] - clientConfig: - service: - name: inmemorychannel-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: validation.inmemorychannel.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: inmemorychannel-webhook-certs - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -# The data is populated at install time. - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.7/4-mt-channel-broker.yaml b/cmd/operator/kodata/knative-eventing/1.8.7/4-mt-channel-broker.yaml deleted file mode 100644 index f32dff70eb..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.7/4-mt-channel-broker.yaml +++ /dev/null @@ -1,675 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-channel-broker-controller - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - # Configs resources and status we care about. - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-broker-filter - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - eventing.knative.dev - resources: - - triggers - - triggers/status - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - get - - list - - watch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mt-broker-filter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - eventing.knative.dev - resources: - - brokers - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - get - - list - - watch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mt-broker-ingress - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-mt-channel-broker-controller - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-channel-broker-controller - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-mt-broker-filter - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: mt-broker-filter - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-broker-filter - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-mt-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: mt-broker-ingress - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-broker-ingress - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-filter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - eventing.knative.dev/brokerRole: filter - template: - metadata: - labels: - eventing.knative.dev/brokerRole: filter - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - spec: - serviceAccountName: mt-broker-filter - enableServiceLinks: false - containers: - - name: filter - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/filter@sha256:132cca8bc3feff5198295d761ff0b7096e0fd2e3e001d79781be29018402fb8c - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - resources: - requests: - cpu: 100m - memory: 100Mi - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9092 - name: metrics - protocol: TCP - terminationMessagePath: /dev/termination-log - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: CONTAINER_NAME - value: filter - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/internal/eventing - - name: FILTER_PORT - value: "8080" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/brokerRole: filter - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - name: broker-filter - namespace: knative-eventing -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9092 - protocol: TCP - targetPort: 9092 - selector: - eventing.knative.dev/brokerRole: filter - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-ingress - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - eventing.knative.dev/brokerRole: ingress - template: - metadata: - labels: - eventing.knative.dev/brokerRole: ingress - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - spec: - serviceAccountName: mt-broker-ingress - enableServiceLinks: false - containers: - - name: ingress - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/ingress@sha256:62627993c2cd69a1344a24ecf0c3da02d1b5daa3cc2e7c2f3167c71db272247a - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - resources: - requests: - cpu: 100m - memory: 100Mi - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9092 - name: metrics - protocol: TCP - terminationMessagePath: /dev/termination-log - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: CONTAINER_NAME - value: ingress - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/internal/eventing - - name: INGRESS_PORT - value: "8080" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/brokerRole: ingress - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - name: broker-ingress - namespace: knative-eventing -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9092 - protocol: TCP - targetPort: 9092 - selector: - eventing.knative.dev/brokerRole: ingress - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/component: mt-broker-controller - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - app: mt-broker-controller - template: - metadata: - labels: - app: mt-broker-controller - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/component: broker-controller - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: mt-broker-controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-controller - enableServiceLinks: false - containers: - - name: mt-broker-controller - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtchannel_broker@sha256:f72fab858cbdaecd0438d3981a9b925711c7a13f7a80ef58bcc2af791aa9cebf - resources: - requests: - cpu: 100m - memory: 100Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/eventing - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: broker-ingress-hpa - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: mt-broker-ingress - minReplicas: 1 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 ---- -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: broker-filter-hpa - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: mt-broker-filter - minReplicas: 1 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.7/5-eventing-post-install.yaml b/cmd/operator/kodata/knative-eventing/1.8.7/5-eventing-post-install.yaml deleted file mode 100644 index 24683b36ac..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.7/5-eventing-post-install.yaml +++ /dev/null @@ -1,231 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-post-install-job-role - labels: - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing - eventing.knative.dev/release: "v1.8.7" -rules: - # Storage version upgrader needs to be able to patch CRDs. - - apiGroups: - - "apiextensions.k8s.io" - resources: - - "customresourcedefinitions" - - "customresourcedefinitions/status" - verbs: - - "get" - - "list" - - "update" - - "patch" - - "watch" - # Our own resources we care about. - - apiGroups: - - "sources.knative.dev" - resources: - - "apiserversources" - - "apiserversources/finalizers" - - "apiserversources/status" - - "containersources" - - "containersources/finalizers" - - "containersources/status" - - "pingsources" - - "pingsources/finalizers" - - "pingsources/status" - - "sinkbindings" - - "sinkbindings/finalizers" - - "sinkbindings/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers" - - "brokers/finalizers" - - "brokers/status" - - "eventtypes" - - "eventtypes/finalizers" - - "eventtypes/status" - - "triggers" - - "triggers/finalizers" - - "triggers/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "messaging.knative.dev" - resources: - - "channels" - - "channels/finalizers" - - "channels/status" - - "inmemorychannels" - - "inmemorychannels/finalizers" - - "inmemorychannels/status" - - "subscriptions" - - "subscriptions/finalizers" - - "subscriptions/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "flows.knative.dev" - resources: - - "parallels" - - "parallels/finalizers" - - "parallels/status" - - "sequences" - - "sequences/finalizers" - - "sequences/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "list" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: knative-eventing-post-install-job - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-post-install-job-role-binding - labels: - eventing.knative.dev/release: "v1.8.7" - app.kubernetes.io/version: "1.8.7" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: knative-eventing-post-install-job - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-post-install-job-role - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: batch/v1 -kind: Job -metadata: - generateName: storage-version-migration-eventing- - namespace: knative-eventing - labels: - app: "storage-version-migration-eventing" - app.kubernetes.io/name: knative-eventing - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.7" - eventing.knative.dev/release: "v1.8.7" -spec: - ttlSecondsAfterFinished: 600 - backoffLimit: 10 - template: - metadata: - labels: - app: "storage-version-migration-eventing" - app.kubernetes.io/name: knative-eventing - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.7" - eventing.knative.dev/release: "v1.8.7" - annotations: - sidecar.istio.io/inject: "false" - spec: - serviceAccountName: knative-eventing-post-install-job - restartPolicy: OnFailure - containers: - - name: migrate - image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:aba43d4bd2aeb16f1ddaf152eac17859b9d3021d6b84ed72b5a4101f4ec7831d - args: - - "apiserversources.sources.knative.dev" - - "brokers.eventing.knative.dev" - - "channels.messaging.knative.dev" - - "containersources.sources.knative.dev" - - "eventtypes.eventing.knative.dev" - - "inmemorychannels.messaging.knative.dev" - - "parallels.flows.knative.dev" - - "pingsources.sources.knative.dev" - - "sequences.flows.knative.dev" - - "sinkbindings.sources.knative.dev" - - "subscriptions.messaging.knative.dev" - - "triggers.eventing.knative.dev" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.8/1-eventing-crds.yaml b/cmd/operator/kodata/knative-eventing/1.8.8/1-eventing-crds.yaml deleted file mode 100644 index e722ec4939..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.8/1-eventing-crds.yaml +++ /dev/null @@ -1,2296 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - eventing.knative.dev/release: "v1.8.8" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.apiserver.resource.add" }, - { "type": "dev.knative.apiserver.resource.delete" }, - { "type": "dev.knative.apiserver.resource.update" }, - { "type": "dev.knative.apiserver.ref.add" }, - { "type": "dev.knative.apiserver.ref.delete" }, - { "type": "dev.knative.apiserver.ref.update" } - ] - name: apiserversources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ApiServerSource is an event source that brings Kubernetes API server events into Knative.' - type: object - properties: - spec: - type: object - required: - - resources - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - mode: - description: EventMode controls the format of the event. `Reference` sends a dataref event type for the resource under watch. `Resource` send the full resource lifecycle event. Defaults to `Reference` - type: string - owner: - description: ResourceOwner is an additional filter to only track resources that are owned by a specific resource type. If ResourceOwner matches Resources[n] then Resources[n] is allowed to pass the ResourceOwner filter. - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - resources: - description: Resource are the resources this source will track and send related lifecycle events from the Kubernetes ApiServer, with an optional label selector to help filter. - type: array - items: - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - selector: - description: 'LabelSelector filters this source to objects to those resources pass the label selector. More info: http://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount to use to run this source. Defaults to default if not set. - type: string - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - categories: - - all - - knative - - sources - kind: ApiServerSource - plural: apiserversources - singular: apiserversource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: brokers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Broker collects a pool of events that are consumable using Triggers. Brokers provide a well-known endpoint for event delivery that senders can use with minimal knowledge of the event routing strategy. Subscribers use Triggers to request delivery of events from a Broker''s pool to a specific URL or Addressable endpoint.' - type: object - properties: - spec: - description: Spec defines the desired state of the Broker. - type: object - properties: - config: - description: Config is a KReference to the configuration that specifies configuration options for this Broker. For example, this could be a pointer to a ConfigMap. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - delivery: - description: Delivery contains the delivery spec for each trigger to this Broker. Each trigger delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - status: - description: Status represents the current state of the Broker. This data may be out of date. - type: object - properties: - address: - description: Broker is Addressable. It exposes the endpoint as an URI to get events delivered into the Broker mesh. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Broker - plural: brokers - singular: broker - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: channels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Channel represents a generic Channel. It is normally used when we want a Channel, but do not need a specific Channel implementation.' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use to create the CRD Channel backing this Channel. This is immutable after creation. Normally this is set by the Channel defaulter, not directly by the user. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channel: - description: Channel is an KReference to the Channel CRD backing this Channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - names: - kind: Channel - plural: channels - singular: channel - categories: - - all - - knative - - messaging - - channel - shortNames: - - ch - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.8" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - name: containersources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ContainerSource is an event source that starts a container image which generates events under certain situations and sends messages to a sink URI' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - # WARNING: the schema tool can not parse PodTemplateSpec, stub here and redirect to Deployment documentation. - template: - type: object - x-kubernetes-preserve-unknown-fields: true - description: 'A template in the shape of `Deployment.spec.template` to be used for this ContainerSource. More info: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/' - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - kind: ContainerSource - plural: containersources - singular: containersource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventtypes.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'EventType represents a type of event that can be consumed from a Broker.' - properties: - spec: - description: 'Spec defines the desired state of the EventType.' - type: object - properties: - broker: - type: string - description: - description: 'Description is an optional field used to describe the EventType, in any meaningful way.' - type: string - schema: - description: 'Schema is a URI, it represents the CloudEvents schemaurl extension attribute. It may be a JSON schema, a protobuf schema, etc. It is optional.' - type: string - schemaData: - description: 'SchemaData allows the CloudEvents schema to be stored directly in the EventType. Content is dependent on the encoding. Optional attribute. The contents are not validated or manipulated by the system.' - type: string - source: - description: 'Source is a URI, it represents the CloudEvents source.' - type: string - type: - description: 'Type represents the CloudEvents type. It is authoritative.' - type: string - status: - description: 'Status represents the current state of the EventType. This data may be out of date.' - type: object - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the ''Generation'' of the Service that was last processed by the controller.' - type: integer - format: int64 - additionalPrinterColumns: - - name: Type - type: string - jsonPath: ".spec.type" - - name: Source - type: string - jsonPath: ".spec.source" - - name: Schema - type: string - jsonPath: ".spec.schema" - - name: Broker - type: string - jsonPath: ".spec.broker" - - name: Description - type: string - jsonPath: ".spec.description" - # TODO remove Status https://github.com/knative/eventing/issues/2750 - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: EventType - plural: eventtypes - singular: eventtype - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: parallels.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Parallel defines conditional branches that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Parallel. - type: object - properties: - branches: - description: Branches is the list of Filter/Subscribers pairs. - type: array - items: - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: &addressableProperties - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - filter: - description: Filter is the expression guarding the branch - type: object - properties: - !!merge <<: *addressableProperties - reply: - description: Reply is a Reference to where the result of Subscriber of this case gets sent to. If not specified, sent the result to the Parallel Reply - type: object - properties: - !!merge <<: *addressableProperties - subscriber: - description: Subscriber receiving the event when the filter passes - type: object - properties: - !!merge <<: *addressableProperties - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of a case Subscriber gets sent to when the case does not have a Reply - type: object - properties: - !!merge <<: *addressableProperties - status: - description: Status represents the current state of the Parallel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - branchStatuses: - description: BranchStatuses is an array of corresponding to branch statuses. Matches the Spec.Branches array in the order. - type: array - items: - type: object - properties: - filterChannelStatus: - description: FilterChannelStatus corresponds to the filter channel status. - type: object - properties: &channelProperties - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: &referentProperties - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: &readyConditionProperties - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - filterSubscriptionStatus: - description: FilterSubscriptionStatus corresponds to the filter subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - subscriberSubscriptionStatus: - description: SubscriptionStatus corresponds to the subscriber subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - properties: - !!merge <<: *readyConditionProperties - ingressChannelStatus: - description: IngressChannelStatus corresponds to the ingress channel status. - type: object - properties: - !!merge <<: *channelProperties - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Parallel - plural: parallels - singular: parallel - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.8" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.sources.ping" } - ] - name: pingsources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - &version - name: v1beta2 - served: true - storage: false - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'PingSource describes an event source with a fixed payload produced on a specified cron schedule.' - properties: - spec: - type: object - description: 'PingSourceSpec defines the desired state of the PingSource (from the client).' - properties: - ceOverrides: - description: 'CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink.' - type: object - properties: - extensions: - description: 'Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently.' - type: object - additionalProperties: - type: string - x-kubernetes-preserve-unknown-fields: true - contentType: - description: 'ContentType is the media type of `data` or `dataBase64`. Default is empty.' - type: string - data: - description: 'Data is data used as the body of the event posted to the sink. Default is empty. Mutually exclusive with `dataBase64`.' - type: string - dataBase64: - description: "DataBase64 is the base64-encoded string of the actual event's body posted to the sink. Default is empty. Mutually exclusive with `data`." - type: string - schedule: - description: 'Schedule is the cron schedule. Defaults to `* * * * *`.' - type: string - sink: - description: 'Sink is a reference to an object that will resolve to a uri to use as the sink.' - type: object - properties: - ref: - description: 'Ref points to an Addressable.' - type: object - properties: - apiVersion: - description: 'API version of the referent.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: 'URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.' - type: string - timezone: - description: 'Timezone modifies the actual time relative to the specified timezone. Defaults to the system time zone. More general information about time zones: https://www.iana.org/time-zones List of valid timezone values: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones' - type: string - status: - type: object - description: 'PingSourceStatus defines the observed state of PingSource (from the controller).' - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: 'CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents.' - type: array - items: - type: object - properties: - source: - description: 'Source is the CloudEvents source attribute.' - type: string - type: - description: 'Type refers to the CloudEvent type attribute.' - type: string - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the "Generation" of the Service that was last processed by the controller.' - type: integer - format: int64 - sinkUri: - description: 'SinkURI is the current active sink URI that has been configured for the Source.' - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: .status.sinkUri - - name: Schedule - type: string - jsonPath: .spec.schedule - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - !!merge <<: *version - name: v1 - served: true - storage: true - # v1 schema is identical to the v1beta2 schema - names: - categories: - - all - - knative - - sources - kind: PingSource - plural: pingsources - singular: pingsource - scope: Namespaced - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sequences.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Sequence defines a sequence of Subscribers that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Sequence. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of the last Subscriber gets sent to. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - steps: - description: Steps is the list of Destinations (processors / functions) that will be called in the order provided. Each step has its own delivery options - type: array - items: - type: object - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Sequence. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channelStatuses: - description: ChannelStatuses is an array of corresponding Channel statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriptionStatuses: - description: SubscriptionStatuses is an array of corresponding Subscription statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Sequence - plural: sequences - singular: sequence - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.8" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - duck.knative.dev/binding: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - name: sinkbindings.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'SinkBinding describes a Binding that is also a Source. The `sink` (from the Source duck) is resolved to a URL and then projected into the `subject` by augmenting the runtime contract of the referenced containers to have a `K_SINK` environment variable holding the endpoint to which to send cloud events.' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subject: - description: Subject references the resource(s) whose "runtime contract" should be augmented by Binding implementations. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. Mutually exclusive with Selector. - type: string - namespace: - description: Namespace of the referent. - type: string - selector: - description: Selector of the referents. Mutually exclusive with Name. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - - bindings - kind: SinkBinding - plural: sinkbindings - singular: sinkbinding - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: subscriptions.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Subscription routes events received on a Channel to a DNS name and corresponds to the subscriptions.channels.knative.dev CRD.' - type: object - properties: - spec: - type: object - properties: - channel: - description: 'Reference to a channel that will be used to create the subscription. You can specify only the following fields of the KReference: kind, apiVersion and name. The resource pointed by this KReference must meet the contract to the ChannelableSpec duck type. If the resource does not meet this contract it will be reflected in the Subscription''s status. This field is immutable. We have no good answer on what happens to the events that are currently in the channel being consumed from and what the semantics there should be. For now, you can always delete the Subscription and recreate it to point to a different channel, giving the user more control over what semantics should be used (drain the channel first, possibly have events dropped, etc.)' - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - delivery: - description: Delivery configuration - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - reply: - description: Reply specifies (optionally) how to handle events returned from the Subscriber target. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subscriber: - description: Subscriber is reference to (optional) function for processing events. Events from the Channel will be delivered here and replies are sent to a Destination as specified by the Reply. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - physicalSubscription: - description: PhysicalSubscription is the fully resolved values that this Subscription represents. - type: object - properties: - deadLetterSinkUri: - description: ReplyURI is the fully resolved URI for the spec.delivery.deadLetterSink. - type: string - replyUri: - description: ReplyURI is the fully resolved URI for the spec.reply. - type: string - subscriberUri: - description: SubscriberURI is the fully resolved URI for spec.subscriber. - type: string - additionalPrinterColumns: - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Subscription - plural: subscriptions - singular: subscription - categories: - - all - - knative - - messaging - shortNames: - - sub - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: triggers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Broker - type: string - jsonPath: .spec.broker - - name: Subscriber_URI - type: string - jsonPath: .status.subscriberUri - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Trigger represents a request to have events delivered to a subscriber from a Broker''s event pool.' - type: object - properties: - spec: - description: Spec defines the desired state of the Trigger. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - broker: - description: Broker is the broker that this trigger receives events from. - type: string - delivery: - description: Delivery contains the delivery spec for this specific trigger. - type: object - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - filter: - description: 'Filter is the filter to apply against all events from the Broker. Only events that pass this filter will be sent to the Subscriber. If not specified, will default to allowing all events. ' - type: object - properties: - attributes: - description: 'Attributes filters events by exact match on event context attributes. Each key in the map is compared with the equivalent key in the event context. An event passes the filter if all values are equal to the specified values. Nested context attributes are not supported as keys. Only string values are supported. ' - type: object - x-kubernetes-preserve-unknown-fields: true - subscriber: - description: Subscriber is the addressable that receives events from the Broker that pass the Filter. It is required. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Trigger. This data may be out of date. - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink for this Trigger, in case there is none this will fallback to it's Broker status DeadLetterSinkURI. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriberUri: - description: SubscriberURI is the resolved URI of the receiver for this Trigger. - type: string - names: - kind: Trigger - plural: triggers - singular: trigger - categories: - - all - - knative - - eventing - scope: Namespaced - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.8/2-eventing-core.yaml b/cmd/operator/kodata/knative-eventing/1.8.8/2-eventing-core.yaml deleted file mode 100644 index b8797dc385..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.8/2-eventing-core.yaml +++ /dev/null @@ -1,4640 +0,0 @@ -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: Namespace -metadata: - name: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: eventing-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-resolver - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-source-observer - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: source-observer - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-sources-controller - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-sources-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-controller-manipulator - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: channelable-manipulator - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: pingsource-mt-adapter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-pingsource-mt-adapter - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: pingsource-mt-adapter - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-pingsource-mt-adapter - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - namespace: knative-eventing - name: eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: Role - name: knative-eventing-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook-resolver - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-webhook-podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-webhook - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: podspecable-binding - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-br-default-channel - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -data: - channel-template-spec: | - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-br-defaults - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -data: - # Configures the default for any Broker that does not specify a spec.config or Broker class. - default-br-config: | - clusterDefault: - brokerClass: MTChannelBasedBroker - apiVersion: v1 - kind: ConfigMap - name: config-br-default-channel - namespace: knative-eventing - delivery: - retry: 10 - backoffPolicy: exponential - backoffDelay: PT0.2S - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: default-ch-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -data: - # Configuration for defaulting channels that do not specify CRD implementations. - default-ch-config: | - clusterDefault: - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - namespaceDefaults: - some-namespace: - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-ping-defaults - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - annotations: - knative.dev/example-checksum: "9185c153" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Max number of bytes allowed to be sent for message excluding any - # base64 decoding. Default is no limit set for data - data-max-size: -1 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-features - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -data: - # ALPHA feature: The kreference-group allows you to use the Group field in KReferences. - # For more details: https://github.com/knative/eventing/issues/5086 - kreference-group: "disabled" - # ALPHA feature: The delivery-retryafter allows you to use the RetryAfter field in DeliverySpec. - # For more details: https://github.com/knative/eventing/issues/5811 - delivery-retryafter: "disabled" - # BETA feature: The delivery-timeout allows you to use the Timeout field in DeliverySpec. - # For more details: https://github.com/knative/eventing/issues/5148 - delivery-timeout: "enabled" - # ALPHA feature: The kreference-mapping allows you to map kreference onto templated URI - # For more details: https://github.com/knative/eventing/issues/5593 - kreference-mapping: "disabled" - # BETA feature: The subscriber-strict flag force subscriptions to define a subscriber - # For more details: https://github.com/knative/eventing/issues/5756 - strict-subscriber: "enabled" - # ALPHA feature: The new-trigger-filters flag allows you to use the new `filters` field - # in Trigger objects with its rich filtering capabilities. - # For more details: https://github.com/knative/eventing/issues/5204 - new-trigger-filters: "disabled" - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-kreference-mapping - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - annotations: - knative.dev/example-checksum: "7375dbe1" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - - # this is an example of mapping from pod to addressable-pod service - # the data key must be of the form "kind.version.group" - # the data value must be a valid URL. Valid template data are: - # - Name: reference name - # - Namespace: reference namespace - # - SystemNamespace: knative namespace - # - UID: reference UID - # - # Pod.v1: https://addressable-pod.{{ .SystemNamespace }}.svc.cluster.local/{{ .Name }} - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-leader-election - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f7948630" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # lease-duration is how long non-leaders will wait to try to acquire the - # lock; 15 seconds is the value used by core kubernetes controllers. - lease-duration: "15s" - - # renew-deadline is how long a leader will try to renew the lease before - # giving up; 10 seconds is the value used by core kubernetes controllers. - renew-deadline: "10s" - - # retry-period is how long the leader election client waits between tries of - # actions; 2 seconds is the value used by core kubernetes controllers. - retry-period: "2s" - - # buckets is the number of buckets used to partition key space of each - # Reconciler. If this number is M and the replica number of the controller - # is N, the N replicas will compete for the M buckets. The owner of a - # bucket will take care of the reconciling for the keys partitioned into - # that bucket. - buckets: "1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-logging - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -data: - # Common configuration for all Knative codebase - zap-logger-config: | - { - "level": "info", - "development": false, - "outputPaths": ["stdout"], - "errorOutputPaths": ["stderr"], - "encoding": "json", - "encoderConfig": { - "timeKey": "ts", - "levelKey": "level", - "nameKey": "logger", - "callerKey": "caller", - "messageKey": "msg", - "stacktraceKey": "stacktrace", - "lineEnding": "", - "levelEncoder": "", - "timeEncoder": "iso8601", - "durationEncoder": "", - "callerEncoder": "" - } - } - # Log level overrides - # For all components changes are be picked up immediately. - loglevel.controller: "info" - loglevel.webhook: "info" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f46cf09d" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or stackdriver. - # Note: Using stackdriver will incur additional charges - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. If non-empty, it enables queue proxy to send request metrics. - # Currently supported values: prometheus, stackdriver. - metrics.request-metrics-backend-destination: prometheus - - # metrics.stackdriver-project-id field specifies the stackdriver project ID. This - # field is optional. When running on GCE, application default credentials will be - # used if this field is not provided. - metrics.stackdriver-project-id: "" - - # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to - # Stackdriver using "global" resource type and custom metric type if the - # metrics are not supported by "knative_broker", "knative_trigger", and "knative_source" resource types. - # Setting this flag to "true" could cause extra Stackdriver charge. - # If metrics.backend-destination is not Stackdriver, this is ignored. - metrics.allow-stackdriver-custom-metrics: "false" - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Eventing pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - - # sink-event-error-reporting.enable whether the adapter reports a kube event to the CRD indicating - # a failure to send a cloud event to the sink. - sink-event-error-reporting.enable: "false" - ---- -# Copyright 2022 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-sugar - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "62dfac6f" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # namespace-selector specifies a LabelSelector which - # determines which namespaces the Sugar Controller should operate upon - # Use an empty value to disable the feature (this is the default): - namespace-selector: "" - - # Use an empty object as a string to enable for all namespaces - namespace-selector: "{}" - - # trigger-selector specifies a LabelSelector which - # determines which triggers the Sugar Controller should operate upon - # Use an empty value to disable the feature (this is the default): - trigger-selector: "" - - # Use an empty object as string to enable for all triggers - trigger-selector: "{}" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "0492ceb0" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none". the default is "none" - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: eventing-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/high-availability: "true" - app.kubernetes.io/component: eventing-controller - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - app: eventing-controller - template: - metadata: - labels: - app: eventing-controller - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/component: eventing-controller - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: eventing-controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-controller - enableServiceLinks: false - containers: - - name: eventing-controller - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/controller@sha256:139943397273c08bd402d8850de243315803b43d2f266396e8202563cd7747c6 - resources: - requests: - cpu: 100m - memory: 100Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/eventing - # APIServerSource - - name: APISERVER_RA_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing/cmd/apiserver_receive_adapter@sha256:e6ec13421dbd49918f01ce4b36a4a350c3a06ade67c87003a9c4eb43aff9c141 - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - ## Adapter settings - # - name: K_LOGGING_CONFIG - # value: '' - # - name: K_LEADER_ELECTION_CONFIG - # value: '' - # - name: K_NO_SHUTDOWN_AFTER - # value: '' - ## Time in seconds the adapter will wait for the sink to respond. Default is no timeout - # - name: K_SINK_TIMEOUT - # value: '' - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - livenessProbe: - httpGet: - path: /health - port: probes - scheme: HTTP - initialDelaySeconds: 20 - periodSeconds: 10 - timeoutSeconds: 5 - readinessProbe: - httpGet: - path: /readiness - port: probes - scheme: HTTP - initialDelaySeconds: 20 - periodSeconds: 10 - timeoutSeconds: 5 - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: probes - containerPort: 8080 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: pingsource-mt-adapter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/component: pingsource-mt-adapter - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - # when set to 0 (and only 0) will be set to 1 when the first PingSource is created. - replicas: 0 - selector: - matchLabels: &labels - eventing.knative.dev/source: ping-source-controller - sources.knative.dev/role: adapter - template: - metadata: - labels: - !!merge <<: *labels - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/component: pingsource-mt-adapter - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - enableServiceLinks: false - containers: - - name: dispatcher - image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtping@sha256:37e47b68736f147c7e059e95147366b912004c894c57acfb6e3d4098bdb80dfe - env: - - name: SYSTEM_NAMESPACE - value: '' - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: NAMESPACE - value: '' - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - # DO NOT MODIFY: The values below are being filled by the ping source controller - # See 500-controller.yaml - - name: K_METRICS_CONFIG - value: '' - - name: K_LOGGING_CONFIG - value: '' - - name: K_LEADER_ELECTION_CONFIG - value: '' - - name: K_NO_SHUTDOWN_AFTER - value: '' - - name: K_SINK_TIMEOUT - value: '-1' - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - ports: - - containerPort: 9090 - name: metrics - protocol: TCP - resources: - requests: - cpu: 125m - memory: 64Mi - limits: - cpu: 1000m - memory: 2048Mi - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - serviceAccountName: pingsource-mt-adapter - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: eventing-webhook - minReplicas: 1 - maxReplicas: 5 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 100 ---- -# Webhook PDB. -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - minAvailable: 80% - selector: - matchLabels: - app: eventing-webhook - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: eventing-webhook - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - app: eventing-webhook - role: eventing-webhook - template: - metadata: - labels: - !!merge <<: *labels - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: eventing-webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-webhook - enableServiceLinks: false - containers: - - name: eventing-webhook - terminationMessagePolicy: FallbackToLogsOnError - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/eventing/cmd/webhook@sha256:b28a975330928e1ed29cdb25f32bcea4e3b35ef4c1181abe2d237a67b0e959c0 - resources: - requests: - # taken from serving. - cpu: 100m - memory: 50Mi - limits: - # taken from serving. - cpu: 200m - memory: 200Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: METRICS_DOMAIN - value: knative.dev/eventing - - name: WEBHOOK_NAME - value: eventing-webhook - - name: WEBHOOK_PORT - value: "8443" - # SINK_BINDING_SELECTION_MODE specifies the NamespaceSelector and ObjectSelector - # for the sinkbinding webhook. - # If `inclusion` is selected, namespaces/objects labelled as `bindings.knative.dev/include:true` - # will be considered by the sinkbinding webhook; - # If `exclusion` is selected, namespaces/objects labelled as `bindings.knative.dev/exclude:true` - # will NOT be considered by the sinkbinding webhook. - # The default is `exclusion`. - - name: SINK_BINDING_SELECTION_MODE - value: "exclusion" - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: https-webhook - containerPort: 8443 - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - readinessProbe: &probe - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 120 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/release: "v1.8.8" - role: eventing-webhook - app.kubernetes.io/component: eventing-webhook - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - name: eventing-webhook - namespace: knative-eventing -spec: - ports: - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: eventing-webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - eventing.knative.dev/release: "v1.8.8" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.apiserver.resource.add" }, - { "type": "dev.knative.apiserver.resource.delete" }, - { "type": "dev.knative.apiserver.resource.update" }, - { "type": "dev.knative.apiserver.ref.add" }, - { "type": "dev.knative.apiserver.ref.delete" }, - { "type": "dev.knative.apiserver.ref.update" } - ] - name: apiserversources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ApiServerSource is an event source that brings Kubernetes API server events into Knative.' - type: object - properties: - spec: - type: object - required: - - resources - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - mode: - description: EventMode controls the format of the event. `Reference` sends a dataref event type for the resource under watch. `Resource` send the full resource lifecycle event. Defaults to `Reference` - type: string - owner: - description: ResourceOwner is an additional filter to only track resources that are owned by a specific resource type. If ResourceOwner matches Resources[n] then Resources[n] is allowed to pass the ResourceOwner filter. - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - resources: - description: Resource are the resources this source will track and send related lifecycle events from the Kubernetes ApiServer, with an optional label selector to help filter. - type: array - items: - type: object - properties: - apiVersion: - description: APIVersion - the API version of the resource to watch. - type: string - kind: - description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - selector: - description: 'LabelSelector filters this source to objects to those resources pass the label selector. More info: http://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount to use to run this source. Defaults to default if not set. - type: string - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - categories: - - all - - knative - - sources - kind: ApiServerSource - plural: apiserversources - singular: apiserversource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: brokers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Broker collects a pool of events that are consumable using Triggers. Brokers provide a well-known endpoint for event delivery that senders can use with minimal knowledge of the event routing strategy. Subscribers use Triggers to request delivery of events from a Broker''s pool to a specific URL or Addressable endpoint.' - type: object - properties: - spec: - description: Spec defines the desired state of the Broker. - type: object - properties: - config: - description: Config is a KReference to the configuration that specifies configuration options for this Broker. For example, this could be a pointer to a ConfigMap. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - delivery: - description: Delivery contains the delivery spec for each trigger to this Broker. Each trigger delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - status: - description: Status represents the current state of the Broker. This data may be out of date. - type: object - properties: - address: - description: Broker is Addressable. It exposes the endpoint as an URI to get events delivered into the Broker mesh. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Broker - plural: brokers - singular: broker - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: channels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Channel represents a generic Channel. It is normally used when we want a Channel, but do not need a specific Channel implementation.' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use to create the CRD Channel backing this Channel. This is immutable after creation. Normally this is set by the Channel defaulter, not directly by the user. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channel: - description: Channel is an KReference to the Channel CRD backing this Channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink that will be used as a fallback when not specified by Triggers. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - names: - kind: Channel - plural: channels - singular: channel - categories: - - all - - knative - - messaging - - channel - shortNames: - - ch - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.8" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - name: containersources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ContainerSource is an event source that starts a container image which generates events under certain situations and sends messages to a sink URI' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - # WARNING: the schema tool can not parse PodTemplateSpec, stub here and redirect to Deployment documentation. - template: - type: object - x-kubernetes-preserve-unknown-fields: true - description: 'A template in the shape of `Deployment.spec.template` to be used for this ContainerSource. More info: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/' - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - kind: ContainerSource - plural: containersources - singular: containersource - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventtypes.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'EventType represents a type of event that can be consumed from a Broker.' - properties: - spec: - description: 'Spec defines the desired state of the EventType.' - type: object - properties: - broker: - type: string - description: - description: 'Description is an optional field used to describe the EventType, in any meaningful way.' - type: string - schema: - description: 'Schema is a URI, it represents the CloudEvents schemaurl extension attribute. It may be a JSON schema, a protobuf schema, etc. It is optional.' - type: string - schemaData: - description: 'SchemaData allows the CloudEvents schema to be stored directly in the EventType. Content is dependent on the encoding. Optional attribute. The contents are not validated or manipulated by the system.' - type: string - source: - description: 'Source is a URI, it represents the CloudEvents source.' - type: string - type: - description: 'Type represents the CloudEvents type. It is authoritative.' - type: string - status: - description: 'Status represents the current state of the EventType. This data may be out of date.' - type: object - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the ''Generation'' of the Service that was last processed by the controller.' - type: integer - format: int64 - additionalPrinterColumns: - - name: Type - type: string - jsonPath: ".spec.type" - - name: Source - type: string - jsonPath: ".spec.source" - - name: Schema - type: string - jsonPath: ".spec.schema" - - name: Broker - type: string - jsonPath: ".spec.broker" - - name: Description - type: string - jsonPath: ".spec.description" - # TODO remove Status https://github.com/knative/eventing/issues/2750 - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: EventType - plural: eventtypes - singular: eventtype - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: parallels.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Parallel defines conditional branches that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Parallel. - type: object - properties: - branches: - description: Branches is the list of Filter/Subscribers pairs. - type: array - items: - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: &addressableProperties - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - filter: - description: Filter is the expression guarding the branch - type: object - properties: - !!merge <<: *addressableProperties - reply: - description: Reply is a Reference to where the result of Subscriber of this case gets sent to. If not specified, sent the result to the Parallel Reply - type: object - properties: - !!merge <<: *addressableProperties - subscriber: - description: Subscriber receiving the event when the filter passes - type: object - properties: - !!merge <<: *addressableProperties - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of a case Subscriber gets sent to when the case does not have a Reply - type: object - properties: - !!merge <<: *addressableProperties - status: - description: Status represents the current state of the Parallel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - branchStatuses: - description: BranchStatuses is an array of corresponding to branch statuses. Matches the Spec.Branches array in the order. - type: array - items: - type: object - properties: - filterChannelStatus: - description: FilterChannelStatus corresponds to the filter channel status. - type: object - properties: &channelProperties - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: &referentProperties - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: &readyConditionProperties - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - filterSubscriptionStatus: - description: FilterSubscriptionStatus corresponds to the filter subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - subscriberSubscriptionStatus: - description: SubscriptionStatus corresponds to the subscriber subscription status. - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - properties: - !!merge <<: *readyConditionProperties - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - !!merge <<: *referentProperties - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - properties: - !!merge <<: *readyConditionProperties - ingressChannelStatus: - description: IngressChannelStatus corresponds to the ingress channel status. - type: object - properties: - !!merge <<: *channelProperties - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Parallel - plural: parallels - singular: parallel - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.8" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - annotations: - # TODO add schemas and descriptions - registry.knative.dev/eventTypes: | - [ - { "type": "dev.knative.sources.ping" } - ] - name: pingsources.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - &version - name: v1beta2 - served: true - storage: false - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: 'PingSource describes an event source with a fixed payload produced on a specified cron schedule.' - properties: - spec: - type: object - description: 'PingSourceSpec defines the desired state of the PingSource (from the client).' - properties: - ceOverrides: - description: 'CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink.' - type: object - properties: - extensions: - description: 'Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently.' - type: object - additionalProperties: - type: string - x-kubernetes-preserve-unknown-fields: true - contentType: - description: 'ContentType is the media type of `data` or `dataBase64`. Default is empty.' - type: string - data: - description: 'Data is data used as the body of the event posted to the sink. Default is empty. Mutually exclusive with `dataBase64`.' - type: string - dataBase64: - description: "DataBase64 is the base64-encoded string of the actual event's body posted to the sink. Default is empty. Mutually exclusive with `data`." - type: string - schedule: - description: 'Schedule is the cron schedule. Defaults to `* * * * *`.' - type: string - sink: - description: 'Sink is a reference to an object that will resolve to a uri to use as the sink.' - type: object - properties: - ref: - description: 'Ref points to an Addressable.' - type: object - properties: - apiVersion: - description: 'API version of the referent.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: 'URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.' - type: string - timezone: - description: 'Timezone modifies the actual time relative to the specified timezone. Defaults to the system time zone. More general information about time zones: https://www.iana.org/time-zones List of valid timezone values: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones' - type: string - status: - type: object - description: 'PingSourceStatus defines the observed state of PingSource (from the controller).' - properties: - annotations: - description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: 'CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents.' - type: array - items: - type: object - properties: - source: - description: 'Source is the CloudEvents source attribute.' - type: string - type: - description: 'Type refers to the CloudEvent type attribute.' - type: string - conditions: - description: 'Conditions the latest available observations of a resource''s current state.' - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - observedGeneration: - description: 'ObservedGeneration is the "Generation" of the Service that was last processed by the controller.' - type: integer - format: int64 - sinkUri: - description: 'SinkURI is the current active sink URI that has been configured for the Source.' - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: .status.sinkUri - - name: Schedule - type: string - jsonPath: .spec.schedule - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - !!merge <<: *version - name: v1 - served: true - storage: true - # v1 schema is identical to the v1beta2 schema - names: - categories: - - all - - knative - - sources - kind: PingSource - plural: pingsources - singular: pingsource - scope: Namespaced - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sequences.flows.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - group: flows.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Sequence defines a sequence of Subscribers that will be wired in series through Channels and Subscriptions.' - type: object - properties: - spec: - description: Spec defines the desired state of the Sequence. - type: object - properties: - channelTemplate: - description: ChannelTemplate specifies which Channel CRD to use. If left unspecified, it is set to the default Channel CRD for the namespace (or cluster, in case there are no defaults for the namespace). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: Spec defines the Spec to use for each channel created. Passed in verbatim to the Channel CRD as Spec section. - type: object - x-kubernetes-preserve-unknown-fields: true - reply: - description: Reply is a Reference to where the result of the last Subscriber gets sent to. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - steps: - description: Steps is the list of Destinations (processors / functions) that will be called in the order provided. Each step has its own delivery options - type: array - items: - type: object - properties: - delivery: - description: Delivery is the delivery specification for events to the subscriber This includes things like retries, DLQ, etc. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Sequence. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - channelStatuses: - description: ChannelStatuses is an array of corresponding Channel statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - channel: - description: Channel is the reference to the underlying channel. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - ready: - description: ReadyCondition indicates whether the Channel is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriptionStatuses: - description: SubscriptionStatuses is an array of corresponding Subscription statuses. Matches the Spec.Steps array in the order. - type: array - items: - type: object - properties: - ready: - description: ReadyCondition indicates whether the Subscription is ready or not. - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - subscription: - description: Subscription is the reference to the underlying Subscription. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Sequence - plural: sequences - singular: sequence - categories: - - all - - knative - - flows - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - eventing.knative.dev/release: "v1.8.8" - eventing.knative.dev/source: "true" - duck.knative.dev/source: "true" - duck.knative.dev/binding: "true" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - name: sinkbindings.sources.knative.dev -spec: - group: sources.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'SinkBinding describes a Binding that is also a Source. The `sink` (from the Source duck) is resolved to a URL and then projected into the `subject` by augmenting the runtime contract of the referenced containers to have a `K_SINK` environment variable holding the endpoint to which to send cloud events.' - type: object - properties: - spec: - type: object - properties: - ceOverrides: - description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. - type: object - properties: - extensions: - description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. - type: object - x-kubernetes-preserve-unknown-fields: true - sink: - description: Sink is a reference to an object that will resolve to a uri to use as the sink. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subject: - description: Subject references the resource(s) whose "runtime contract" should be augmented by Binding implementations. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. Mutually exclusive with Selector. - type: string - namespace: - description: Namespace of the referent. - type: string - selector: - description: Selector of the referents. Mutually exclusive with Name. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - type: object - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - ceAttributes: - description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. - type: array - items: - type: object - properties: - source: - description: Source is the CloudEvents source attribute. - type: string - type: - description: Type refers to the CloudEvent type attribute. - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - sinkUri: - description: SinkURI is the current active sink URI that has been configured for the Source. - type: string - additionalPrinterColumns: - - name: Sink - type: string - jsonPath: ".status.sinkUri" - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - categories: - - all - - knative - - sources - - bindings - kind: SinkBinding - plural: sinkbindings - singular: sinkbinding - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: subscriptions.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'Subscription routes events received on a Channel to a DNS name and corresponds to the subscriptions.channels.knative.dev CRD.' - type: object - properties: - spec: - type: object - properties: - channel: - description: 'Reference to a channel that will be used to create the subscription. You can specify only the following fields of the KReference: kind, apiVersion and name. The resource pointed by this KReference must meet the contract to the ChannelableSpec duck type. If the resource does not meet this contract it will be reflected in the Subscription''s status. This field is immutable. We have no good answer on what happens to the events that are currently in the channel being consumed from and what the semantics there should be. For now, you can always delete the Subscription and recreate it to point to a different channel, giving the user more control over what semantics should be used (drain the channel first, possibly have events dropped, etc.)' - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - delivery: - description: Delivery configuration - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - reply: - description: Reply specifies (optionally) how to handle events returned from the Subscriber target. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - subscriber: - description: Subscriber is reference to (optional) function for processing events. Events from the Channel will be delivered here and replies are sent to a Destination as specified by the Reply. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - physicalSubscription: - description: PhysicalSubscription is the fully resolved values that this Subscription represents. - type: object - properties: - deadLetterSinkUri: - description: ReplyURI is the fully resolved URI for the spec.delivery.deadLetterSink. - type: string - replyUri: - description: ReplyURI is the fully resolved URI for the spec.reply. - type: string - subscriberUri: - description: SubscriberURI is the fully resolved URI for spec.subscriber. - type: string - additionalPrinterColumns: - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Subscription - plural: subscriptions - singular: subscription - categories: - - all - - knative - - messaging - shortNames: - - sub - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: triggers.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/crd-install: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - group: eventing.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Broker - type: string - jsonPath: .spec.broker - - name: Subscriber_URI - type: string - jsonPath: .status.subscriberUri - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - schema: - openAPIV3Schema: - description: 'Trigger represents a request to have events delivered to a subscriber from a Broker''s event pool.' - type: object - properties: - spec: - description: Spec defines the desired state of the Trigger. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - broker: - description: Broker is the broker that this trigger receives events from. - type: string - delivery: - description: Delivery contains the delivery spec for this specific trigger. - type: object - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - filter: - description: 'Filter is the filter to apply against all events from the Broker. Only events that pass this filter will be sent to the Subscriber. If not specified, will default to allowing all events. ' - type: object - properties: - attributes: - description: 'Attributes filters events by exact match on event context attributes. Each key in the map is compared with the equivalent key in the event context. An event passes the filter if all values are equal to the specified values. Nested context attributes are not supported as keys. Only string values are supported. ' - type: object - x-kubernetes-preserve-unknown-fields: true - subscriber: - description: Subscriber is the addressable that receives events from the Broker that pass the Filter. It is required. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - status: - description: Status represents the current state of the Trigger. This data may be out of date. - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' - type: string - message: - description: 'A human readable message indicating details about the transition.' - type: string - reason: - description: 'The reason for the condition''s last transition.' - type: string - severity: - description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' - type: string - status: - description: 'Status of the condition, one of True, False, Unknown.' - type: string - type: - description: 'Type of condition.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter sink for this Trigger, in case there is none this will fallback to it's Broker status DeadLetterSinkURI. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscriberUri: - description: SubscriberURI is the resolved URI of the receiver for this Trigger. - type: string - names: - kind: Trigger - plural: triggers - singular: trigger - categories: - - all - - knative - - eventing - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "Addressables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/addressable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: service-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.8" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: serving-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.8" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - serving.knative.dev - resources: - - routes - - routes/status - - services - - services/status - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: channel-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.8" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - channels - - channels/status - verbs: - - get - - list - - watch - - apiGroups: - - messaging.knative.dev - resources: - - channels/finalizers - verbs: - - update ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: broker-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.8" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - eventing.knative.dev - resources: - - brokers - - brokers/status - verbs: - - get - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: flows-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.8" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - flows.knative.dev - resources: - - sequences - - sequences/status - - parallels - - parallels/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-broker-filter - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - - apiGroups: - - "eventing.knative.dev" - resources: - - "triggers" - - "triggers/status" - verbs: - - "get" - - "list" - - "watch" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: eventing-config-reader - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need read and update permissions on "Channelables". -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/channelable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: meta-channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.8" - duck.knative.dev/channelable: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "channelable-manipulator" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - channels - - channels/status - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.8" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-messaging-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.8" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["messaging.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-flows-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.8" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["flows.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-sources-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.8" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["sources.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-bindings-namespaced-admin - labels: - eventing.knative.dev/release: "v1.8.8" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["bindings.knative.dev"] - resources: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-edit - labels: - rbac.authorization.k8s.io/aggregate-to-edit: "true" - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev", "messaging.knative.dev", "sources.knative.dev", "flows.knative.dev", "bindings.knative.dev"] - resources: ["*"] - verbs: ["create", "update", "patch", "delete"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-eventing-namespaced-view - labels: - rbac.authorization.k8s.io/aggregate-to-view: "true" - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: ["eventing.knative.dev", "messaging.knative.dev", "sources.knative.dev", "flows.knative.dev", "bindings.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-controller - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "namespaces" - - "secrets" - - "configmaps" - - "services" - - "endpoints" - - "events" - - "serviceaccounts" - - "pods" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # Brokers and the namespace annotation controllers manipulate Deployments. - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: *everything - # PingSource controller manipulates Deployment owner reference - - apiGroups: - - "apps" - resources: - - "deployments/finalizers" - verbs: - - "update" - # The namespace annotation controller needs to manipulate RoleBindings. - - apiGroups: - - "rbac.authorization.k8s.io" - resources: - - "rolebindings" - verbs: *everything - # Our own resources and statuses we care about. - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers" - - "brokers/status" - - "triggers" - - "triggers/status" - - "eventtypes" - - "eventtypes/status" - verbs: *everything - # Eventing resources and finalizers we care about. - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers/finalizers" - - "triggers/finalizers" - verbs: - - "update" - # Our own resources and statuses we care about. - - apiGroups: - - "messaging.knative.dev" - resources: - - "sequences" - - "sequences/status" - - "channels" - - "channels/status" - - "parallels" - - "parallels/status" - - "subscriptions" - - "subscriptions/status" - verbs: *everything - # Flow resources and statuses we care about. - - apiGroups: - - "flows.knative.dev" - resources: - - "sequences" - - "sequences/status" - - "parallels" - - "parallels/status" - verbs: *everything - # Messaging resources and finalizers we care about. - - apiGroups: - - "messaging.knative.dev" - resources: - - "sequences/finalizers" - - "parallels/finalizers" - - "channels/finalizers" - verbs: - - "update" - # Flows resources and finalizers we care about. - - apiGroups: - - "flows.knative.dev" - resources: - - "sequences/finalizers" - - "parallels/finalizers" - verbs: - - "update" - # The subscription controller needs to retrieve and watch CustomResourceDefinitions. - - apiGroups: - - "apiextensions.k8s.io" - resources: - - "customresourcedefinitions" - verbs: - - "get" - - "list" - - "watch" - # For leader election - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: *everything - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-pingsource-mt-adapter - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - - apiGroups: - - sources.knative.dev - resources: - - pingsources - - pingsources/status - verbs: - - get - - list - - watch - - patch - - apiGroups: - - sources.knative.dev - resources: - - pingsources/finalizers - verbs: - - "patch" - - apiGroups: - - "" - resources: - - events - verbs: - - "create" - - "patch" - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "PodSpecables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/podspecable: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: builtin-podspecable-binding - labels: - eventing.knative.dev/release: "v1.8.8" - duck.knative.dev/podspecable: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "podspecable-binding role. -rules: - # To patch the subjects of our bindings - - apiGroups: - - "apps" - resources: - - "deployments" - - "daemonsets" - - "statefulsets" - - "replicasets" - verbs: - - "list" - - "watch" - - "patch" - - apiGroups: - - "batch" - resources: - - "jobs" - verbs: - - "list" - - "watch" - - "patch" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need to read "Sources". -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: source-observer - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/source: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: eventing-sources-source-observer - labels: - eventing.knative.dev/release: "v1.8.8" - duck.knative.dev/source: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "source-observer" role. -rules: - - apiGroups: - - sources.knative.dev - resources: - - apiserversources - - pingsources - - sinkbindings - - containersources - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-sources-controller - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - "" - resources: - - "secrets" - - "configmaps" - - "services" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # Deployments admin - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: *everything - # Source resources and statuses we care about. - - apiGroups: - - "sources.knative.dev" - resources: - - "sinkbindings" - - "sinkbindings/status" - - "sinkbindings/finalizers" - - "apiserversources" - - "apiserversources/status" - - "apiserversources/finalizers" - - "pingsources" - - "pingsources/status" - - "pingsources/finalizers" - - "containersources" - - "containersources/status" - - "containersources/finalizers" - verbs: *everything - # Knative Services admin - - apiGroups: - - serving.knative.dev - resources: - - services - verbs: *everything - # EventTypes admin - - apiGroups: - - eventing.knative.dev - resources: - - eventtypes - verbs: *everything - # Events admin - - apiGroups: - - "" - resources: - - events - verbs: *everything - # Authorization checker - - apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - # For watching logging configuration and getting certs. - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - # finalizers are needed for the owner reference of the webhook - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - # For getting our Deployment so we can decorate with ownerref. - - apiGroups: - - "apps" - resources: - - "deployments" - verbs: - - "get" - - apiGroups: - - "apps" - resources: - - "deployments/finalizers" - verbs: - - update - # For actually registering our webhook. - - apiGroups: - - "admissionregistration.k8s.io" - resources: - - "mutatingwebhookconfigurations" - - "validatingwebhookconfigurations" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # For running the SinkBinding reconciler. - - apiGroups: - - "sources.knative.dev" - resources: - - "sinkbindings" - - "sinkbindings/status" - - "sinkbindings/finalizers" - verbs: *everything - # For leader election - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: *everything - # Necessary for conversion webhook. These are copied from the serving - # TODO: Do we really need all these permissions? - - apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: knative-eventing - name: knative-eventing-webhook - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "secrets" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: config.webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Ignore - name: config.webhook.eventing.knative.dev - namespaceSelector: - matchExpressions: - - key: eventing.knative.dev/release - operator: Exists - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: webhook.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: validation.webhook.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: eventing-webhook-certs - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -# The data is populated at install time. - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: sinkbindings.webhook.sources.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: eventing-webhook - namespace: knative-eventing - failurePolicy: Fail - sideEffects: None - name: sinkbindings.webhook.sources.knative.dev - timeoutSeconds: 10 - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.8/3-in-memory-channel.yaml b/cmd/operator/kodata/knative-eventing/1.8.8/3-in-memory-channel.yaml deleted file mode 100644 index a29873a184..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.8/3-in-memory-channel.yaml +++ /dev/null @@ -1,1215 +0,0 @@ -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: imc-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: imc-controller - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - namespace: knative-eventing - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: Role - name: knative-inmemorychannel-webhook - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-controller-resolver - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: addressable-resolver - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-dispatcher - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: imc-dispatcher - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: imc-dispatcher - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-imc-event-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -data: - MaxIdleConnections: "1000" - MaxIdleConnectionsPerHost: "100" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "f46cf09d" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or stackdriver. - # Note: Using stackdriver will incur additional charges - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. If non-empty, it enables queue proxy to send request metrics. - # Currently supported values: prometheus, stackdriver. - metrics.request-metrics-backend-destination: prometheus - - # metrics.stackdriver-project-id field specifies the stackdriver project ID. This - # field is optional. When running on GCE, application default credentials will be - # used if this field is not provided. - metrics.stackdriver-project-id: "" - - # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to - # Stackdriver using "global" resource type and custom metric type if the - # metrics are not supported by "knative_broker", "knative_trigger", and "knative_source" resource types. - # Setting this flag to "true" could cause extra Stackdriver charge. - # If metrics.backend-destination is not Stackdriver, this is ignored. - metrics.allow-stackdriver-custom-metrics: "false" - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Eventing pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - - # sink-event-error-reporting.enable whether the adapter reports a kube event to the CRD indicating - # a failure to send a cloud event to the sink. - sink-event-error-reporting.enable: "false" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/config-propagation: original - knative.dev/config-category: eventing - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - annotations: - knative.dev/example-checksum: "0492ceb0" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none". the default is "none" - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: imc-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/high-availability: "true" - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: controller - template: - metadata: - labels: - !!merge <<: *labels - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: imc-controller - enableServiceLinks: false - containers: - - name: controller - image: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_controller@sha256:76ab1c9a26d6df07aebb2077fd5598412e39e6888414d12c26acf7221c9a872d - env: - - name: WEBHOOK_NAME - value: inmemorychannel-webhook - - name: WEBHOOK_PORT - value: "8443" - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/inmemorychannel-controller - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: DISPATCHER_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_dispatcher@sha256:2a1229278e408b50382157e4fd49c1f8136312b6028630ece51a8406590e7ea7 - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: &probe - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 120 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: imc-controller - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - eventing.knative.dev/release: "v1.8.8" - name: inmemorychannel-webhook - namespace: knative-eventing -spec: - ports: - - name: https-webhook - port: 443 - targetPort: 8443 - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - selector: - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: controller - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: Service -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - selector: - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - ports: - - name: http-dispatcher - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9090 - targetPort: 9090 - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/high-availability: "true" - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: &labels - messaging.knative.dev/channel: in-memory-channel - messaging.knative.dev/role: dispatcher - template: - metadata: - labels: - !!merge <<: *labels - app.kubernetes.io/component: imc-dispatcher - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: *labels - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: imc-dispatcher - enableServiceLinks: false - containers: - - name: dispatcher - image: gcr.io/knative-releases/knative.dev/eventing/cmd/in_memory/channel_dispatcher@sha256:2a1229278e408b50382157e4fd49c1f8136312b6028630ece51a8406590e7ea7 - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - env: - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/inmemorychannel-dispatcher - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: CONTAINER_NAME - value: dispatcher - - name: MAX_IDLE_CONNS - value: "1000" - - name: MAX_IDLE_CONNS_PER_HOST - value: "1000" - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9090 - name: metrics - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: inmemorychannels.messaging.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - group: messaging.knative.dev - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'InMemoryChannel is a resource representing an in memory channel' - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature delivery-timeout - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - x-kubernetes-preserve-unknown-fields: true # This is necessary to enable the experimental feature - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the Channel. This data may be out of date. - type: object - properties: - address: - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterChannel: - description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - deadLetterSinkUri: - description: DeadLetterSinkURI is the resolved URI of the dead letter ref if one is specified in the Spec.Delivery. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: InMemoryChannel - plural: inmemorychannels - singular: inmemorychannel - categories: - - all - - knative - - messaging - - channel - shortNames: - - imc - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-addressable-resolver - labels: - eventing.knative.dev/release: "v1.8.8" - duck.knative.dev/addressable: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-channelable-manipulator - labels: - eventing.knative.dev/release: "v1.8.8" - duck.knative.dev/channelable: "true" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -# Do not use this role directly. These rules will be added to the "channelable-manipulator" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-controller - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - - update - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - verbs: - - update - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - - inmemorychannels/status - - inmemorychannels - verbs: - - patch - - apiGroups: - - "" - resources: - - services - - serviceaccounts - verbs: &everything - - get - - list - - watch - - create - - update - - patch - - apiGroups: - - "" - resources: - - endpoints - verbs: - - get - - list - - watch - - apiGroups: - - "rbac.authorization.k8s.io" - resources: - - rolebindings - verbs: *everything - - apiGroups: - - apps - resources: - - deployments - verbs: *everything - - apiGroups: - - apps - resources: - - deployments/status - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: *everything - # For actually registering our webhook. - - apiGroups: - - "admissionregistration.k8s.io" - resources: - - "mutatingwebhookconfigurations" - - "validatingwebhookconfigurations" - verbs: &everything - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - # finalizers are needed for the owner reference of the webhook - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: imc-dispatcher - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels - - inmemorychannels/status - verbs: - - get - - list - - watch - - apiGroups: - - "" # Core API group. - resources: - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - # Updates the finalizer so we can remove our handlers when channel is deleted - # Patches the status.subscribers to reflect when the subscription dataplane has been - # configured. - - apiGroups: - - messaging.knative.dev - resources: - - inmemorychannels/finalizers - - inmemorychannels/status - - inmemorychannels - verbs: - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: knative-eventing - name: knative-inmemorychannel-webhook - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - # For manipulating certs into secrets. - - apiGroups: - - "" - resources: - - "secrets" - verbs: - - "get" - - "create" - - "update" - - "list" - - "watch" - - "patch" - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: inmemorychannel.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1"] - clientConfig: - service: - name: inmemorychannel-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: inmemorychannel.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.inmemorychannel.eventing.knative.dev - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -webhooks: - - admissionReviewVersions: ["v1"] - clientConfig: - service: - name: inmemorychannel-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: validation.inmemorychannel.eventing.knative.dev - timeoutSeconds: 10 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: inmemorychannel-webhook-certs - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -# The data is populated at install time. - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.8/4-mt-channel-broker.yaml b/cmd/operator/kodata/knative-eventing/1.8.8/4-mt-channel-broker.yaml deleted file mode 100644 index 5850fec67c..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.8/4-mt-channel-broker.yaml +++ /dev/null @@ -1,675 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-channel-broker-controller - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - # Configs resources and status we care about. - - apiGroups: - - "" - resources: - - "namespaces/finalizers" - verbs: - - "update" - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - "get" - - "list" - - "create" - - "update" - - "delete" - - "patch" - - "watch" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-broker-filter - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - eventing.knative.dev - resources: - - triggers - - triggers/status - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - get - - list - - watch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mt-broker-filter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-mt-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -rules: - - apiGroups: - - eventing.knative.dev - resources: - - brokers - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - get - - list - - watch - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mt-broker-ingress - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: eventing-mt-channel-broker-controller - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: eventing-controller - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-channel-broker-controller - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-mt-broker-filter - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: mt-broker-filter - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-broker-filter - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-mt-broker-ingress - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: mt-broker-ingress - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-mt-broker-ingress - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-filter - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - eventing.knative.dev/brokerRole: filter - template: - metadata: - labels: - eventing.knative.dev/brokerRole: filter - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - spec: - serviceAccountName: mt-broker-filter - enableServiceLinks: false - containers: - - name: filter - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/filter@sha256:222ad7c53377d012319a9defd7c7453ba767de168911cc95aadd1a27e95f9a7e - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - resources: - requests: - cpu: 100m - memory: 100Mi - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9092 - name: metrics - protocol: TCP - terminationMessagePath: /dev/termination-log - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: CONTAINER_NAME - value: filter - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/internal/eventing - - name: FILTER_PORT - value: "8080" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/brokerRole: filter - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - name: broker-filter - namespace: knative-eventing -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9092 - protocol: TCP - targetPort: 9092 - selector: - eventing.knative.dev/brokerRole: filter - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-ingress - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - eventing.knative.dev/brokerRole: ingress - template: - metadata: - labels: - eventing.knative.dev/brokerRole: ingress - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - spec: - serviceAccountName: mt-broker-ingress - enableServiceLinks: false - containers: - - name: ingress - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/ingress@sha256:f5bf5b09e3b5d2eab19c89f58e0c22dd11d96a7cf319d1ed91052be573b0ae23 - readinessProbe: &probe - failureThreshold: 3 - httpGet: - path: /healthz - port: 8080 - scheme: HTTP - periodSeconds: 2 - successThreshold: 1 - timeoutSeconds: 1 - livenessProbe: - !!merge <<: *probe - initialDelaySeconds: 5 - resources: - requests: - cpu: 100m - memory: 100Mi - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 9092 - name: metrics - protocol: TCP - terminationMessagePath: /dev/termination-log - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: CONTAINER_NAME - value: ingress - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/internal/eventing - - name: INGRESS_PORT - value: "8080" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault ---- -apiVersion: v1 -kind: Service -metadata: - labels: - eventing.knative.dev/brokerRole: ingress - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - name: broker-ingress - namespace: knative-eventing -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - - name: http-metrics - port: 9092 - protocol: TCP - targetPort: 9092 - selector: - eventing.knative.dev/brokerRole: ingress - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mt-broker-controller - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/component: mt-broker-controller - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - selector: - matchLabels: - app: mt-broker-controller - template: - metadata: - labels: - app: mt-broker-controller - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/component: broker-controller - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: mt-broker-controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: eventing-controller - enableServiceLinks: false - containers: - - name: mt-broker-controller - terminationMessagePolicy: FallbackToLogsOnError - image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtchannel_broker@sha256:52d38f4f7b1600def12803e1ddbc788c25ea9c3d0c242e288a33ac8d94292f92 - resources: - requests: - cpu: 100m - memory: 100Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: METRICS_DOMAIN - value: knative.dev/eventing - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: broker-ingress-hpa - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/component: broker-ingress - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: mt-broker-ingress - minReplicas: 1 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 ---- -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: broker-filter-hpa - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/component: broker-filter - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: mt-broker-filter - minReplicas: 1 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 - ---- diff --git a/cmd/operator/kodata/knative-eventing/1.8.8/5-eventing-post-install.yaml b/cmd/operator/kodata/knative-eventing/1.8.8/5-eventing-post-install.yaml deleted file mode 100644 index 7fb25f0490..0000000000 --- a/cmd/operator/kodata/knative-eventing/1.8.8/5-eventing-post-install.yaml +++ /dev/null @@ -1,231 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: knative-eventing-post-install-job-role - labels: - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing - eventing.knative.dev/release: "v1.8.8" -rules: - # Storage version upgrader needs to be able to patch CRDs. - - apiGroups: - - "apiextensions.k8s.io" - resources: - - "customresourcedefinitions" - - "customresourcedefinitions/status" - verbs: - - "get" - - "list" - - "update" - - "patch" - - "watch" - # Our own resources we care about. - - apiGroups: - - "sources.knative.dev" - resources: - - "apiserversources" - - "apiserversources/finalizers" - - "apiserversources/status" - - "containersources" - - "containersources/finalizers" - - "containersources/status" - - "pingsources" - - "pingsources/finalizers" - - "pingsources/status" - - "sinkbindings" - - "sinkbindings/finalizers" - - "sinkbindings/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "eventing.knative.dev" - resources: - - "brokers" - - "brokers/finalizers" - - "brokers/status" - - "eventtypes" - - "eventtypes/finalizers" - - "eventtypes/status" - - "triggers" - - "triggers/finalizers" - - "triggers/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "messaging.knative.dev" - resources: - - "channels" - - "channels/finalizers" - - "channels/status" - - "inmemorychannels" - - "inmemorychannels/finalizers" - - "inmemorychannels/status" - - "subscriptions" - - "subscriptions/finalizers" - - "subscriptions/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "flows.knative.dev" - resources: - - "parallels" - - "parallels/finalizers" - - "parallels/status" - - "sequences" - - "sequences/finalizers" - - "sequences/status" - verbs: - - "get" - - "list" - - "create" - - "update" - - "patch" - - "watch" - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - "get" - - "list" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: knative-eventing-post-install-job - namespace: knative-eventing - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-eventing-post-install-job-role-binding - labels: - eventing.knative.dev/release: "v1.8.8" - app.kubernetes.io/version: "1.8.8" - app.kubernetes.io/name: knative-eventing -subjects: - - kind: ServiceAccount - name: knative-eventing-post-install-job - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: knative-eventing-post-install-job-role - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: batch/v1 -kind: Job -metadata: - generateName: storage-version-migration-eventing- - namespace: knative-eventing - labels: - app: "storage-version-migration-eventing" - app.kubernetes.io/name: knative-eventing - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.8" - eventing.knative.dev/release: "v1.8.8" -spec: - ttlSecondsAfterFinished: 600 - backoffLimit: 10 - template: - metadata: - labels: - app: "storage-version-migration-eventing" - app.kubernetes.io/name: knative-eventing - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.8" - eventing.knative.dev/release: "v1.8.8" - annotations: - sidecar.istio.io/inject: "false" - spec: - serviceAccountName: knative-eventing-post-install-job - restartPolicy: OnFailure - containers: - - name: migrate - image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:aba43d4bd2aeb16f1ddaf152eac17859b9d3021d6b84ed72b5a4101f4ec7831d - args: - - "apiserversources.sources.knative.dev" - - "brokers.eventing.knative.dev" - - "channels.messaging.knative.dev" - - "containersources.sources.knative.dev" - - "eventtypes.eventing.knative.dev" - - "inmemorychannels.messaging.knative.dev" - - "parallels.flows.knative.dev" - - "pingsources.sources.knative.dev" - - "sequences.flows.knative.dev" - - "sinkbindings.sources.knative.dev" - - "subscriptions.messaging.knative.dev" - - "triggers.eventing.knative.dev" - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.2/1-serving-crds.yaml b/cmd/operator/kodata/knative-serving/1.12.0/1-serving-crds.yaml similarity index 90% rename from cmd/operator/kodata/knative-serving/1.8.2/1-serving-crds.yaml rename to cmd/operator/kodata/knative-serving/1.12.0/1-serving-crds.yaml index 32dfdf3628..e000ace933 100644 --- a/cmd/operator/kodata/knative-serving/1.8.2/1-serving-crds.yaml +++ b/cmd/operator/kodata/knative-serving/1.12.0/1-serving-crds.yaml @@ -19,7 +19,7 @@ metadata: labels: app.kubernetes.io/name: knative-serving app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" spec: group: networking.internal.knative.dev @@ -54,6 +54,9 @@ spec: type: array items: type: string + domain: + description: Domain is the top level domain of the values for DNSNames. + type: string secretName: description: SecretName is the name of the secret resource to store the SSL certificate in. type: string @@ -165,7 +168,7 @@ metadata: name: configurations.serving.knative.dev labels: app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" duck.knative.dev/podspecable: "true" spec: @@ -392,6 +395,19 @@ spec: description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. type: integer format: int32 + grpc: + description: GRPC specifies an action involving a GRPC port. + type: object + required: + - port + properties: + port: + description: Port number of the gRPC service. Number must be in the range 1 to 65535. + type: integer + format: int32 + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + type: string httpGet: description: HTTPGet specifies the http request to perform. type: object @@ -410,7 +426,7 @@ spec: - value properties: name: - description: The header field name + description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -500,6 +516,19 @@ spec: description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. type: integer format: int32 + grpc: + description: GRPC specifies an action involving a GRPC port. + type: object + required: + - port + properties: + port: + description: Port number of the gRPC service. Number must be in the range 1 to 65535. + type: integer + format: int32 + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + type: string httpGet: description: HTTPGet specifies the http request to perform. type: object @@ -518,7 +547,7 @@ spec: - value properties: name: - description: The header field name + description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -568,6 +597,21 @@ spec: description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + type: array + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + type: object + required: + - name + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + type: string + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object @@ -578,7 +622,7 @@ spec: - type: string x-kubernetes-int-or-string: true requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object additionalProperties: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ @@ -623,6 +667,18 @@ spec: description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. type: integer format: int64 + seccompProfile: + description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + type: object + required: + - type + properties: + localhostProfile: + description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + type: string terminationMessagePath: description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' type: string @@ -721,6 +777,10 @@ spec: serviceAccountName: description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string + shareProcessNamespace: + description: This is accessible behind a feature flag - kubernetes.podspec-shareproccessnamespace + type: boolean + x-kubernetes-preserve-unknown-fields: true timeoutSeconds: description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. type: integer @@ -840,6 +900,59 @@ spec: description: optional specify whether the ConfigMap or its keys must be defined type: boolean x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about the downwardAPI data to project + type: object + properties: + items: + description: Items is a list of DownwardAPIVolume file + type: array + items: + description: DownwardAPIVolumeFile represents information to create the file containing the pod field + type: object + required: + - path + properties: + fieldRef: + description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.' + type: object + required: + - fieldPath + properties: + apiVersion: + description: Version of the schema the FieldPath is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the specified API version. + type: string + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' + type: integer + format: int32 + path: + description: 'Required: Path is the relative path name of the file to be created. Must not be absolute or contain the ''..'' path. Must be utf-8 encoded. The first item of the relative path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.' + type: object + required: + - resource + properties: + containerName: + description: 'Container name: required for volumes, optional for env vars' + type: string + divisor: + description: Specifies the output format of the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + x-kubernetes-map-type: atomic secret: description: secret information about the secret data to project type: object @@ -991,7 +1104,7 @@ metadata: labels: app.kubernetes.io/name: knative-serving app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" spec: group: networking.internal.knative.dev @@ -1055,14 +1168,14 @@ metadata: name: domainmappings.serving.knative.dev labels: app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" spec: group: serving.knative.dev versions: - name: v1beta1 served: true - storage: false + storage: true subresources: status: {} additionalPrinterColumns: @@ -1101,6 +1214,9 @@ spec: - kind - name properties: + address: + description: Address points to a specific Address Name. + type: string apiVersion: description: API version of the referent. type: string @@ -1133,111 +1249,15 @@ spec: description: Address holds the information needed for a DomainMapping to be the target of an event. type: object properties: - url: + CACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + audience: + description: Audience is the OIDC audience for this address. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: Name is the name of the address. type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: url: type: string annotations: @@ -1324,7 +1344,7 @@ metadata: labels: app.kubernetes.io/name: knative-serving app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" spec: group: networking.internal.knative.dev @@ -1584,7 +1604,7 @@ metadata: name: metrics.autoscaling.internal.knative.dev labels: app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" spec: group: autoscaling.internal.knative.dev @@ -1706,7 +1726,7 @@ metadata: name: podautoscalers.autoscaling.internal.knative.dev labels: app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" spec: group: autoscaling.internal.knative.dev @@ -1866,7 +1886,7 @@ metadata: name: revisions.serving.knative.dev labels: app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" spec: group: serving.knative.dev @@ -2072,6 +2092,19 @@ spec: description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. type: integer format: int32 + grpc: + description: GRPC specifies an action involving a GRPC port. + type: object + required: + - port + properties: + port: + description: Port number of the gRPC service. Number must be in the range 1 to 65535. + type: integer + format: int32 + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + type: string httpGet: description: HTTPGet specifies the http request to perform. type: object @@ -2090,7 +2123,7 @@ spec: - value properties: name: - description: The header field name + description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -2180,6 +2213,19 @@ spec: description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. type: integer format: int32 + grpc: + description: GRPC specifies an action involving a GRPC port. + type: object + required: + - port + properties: + port: + description: Port number of the gRPC service. Number must be in the range 1 to 65535. + type: integer + format: int32 + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + type: string httpGet: description: HTTPGet specifies the http request to perform. type: object @@ -2198,7 +2244,7 @@ spec: - value properties: name: - description: The header field name + description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -2248,6 +2294,21 @@ spec: description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + type: array + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + type: object + required: + - name + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + type: string + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object @@ -2258,7 +2319,7 @@ spec: - type: string x-kubernetes-int-or-string: true requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object additionalProperties: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ @@ -2303,6 +2364,18 @@ spec: description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. type: integer format: int64 + seccompProfile: + description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + type: object + required: + - type + properties: + localhostProfile: + description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + type: string terminationMessagePath: description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' type: string @@ -2401,6 +2474,10 @@ spec: serviceAccountName: description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string + shareProcessNamespace: + description: This is accessible behind a feature flag - kubernetes.podspec-shareproccessnamespace + type: boolean + x-kubernetes-preserve-unknown-fields: true timeoutSeconds: description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. type: integer @@ -2520,6 +2597,59 @@ spec: description: optional specify whether the ConfigMap or its keys must be defined type: boolean x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about the downwardAPI data to project + type: object + properties: + items: + description: Items is a list of DownwardAPIVolume file + type: array + items: + description: DownwardAPIVolumeFile represents information to create the file containing the pod field + type: object + required: + - path + properties: + fieldRef: + description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.' + type: object + required: + - fieldPath + properties: + apiVersion: + description: Version of the schema the FieldPath is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the specified API version. + type: string + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' + type: integer + format: int32 + path: + description: 'Required: Path is the relative path name of the file to be created. Must not be absolute or contain the ''..'' path. Must be utf-8 encoded. The first item of the relative path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.' + type: object + required: + - resource + properties: + containerName: + description: 'Container name: required for volumes, optional for env vars' + type: string + divisor: + description: Specifies the output format of the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + x-kubernetes-map-type: atomic secret: description: secret information about the secret data to project type: object @@ -2699,7 +2829,7 @@ metadata: name: routes.serving.knative.dev labels: app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" duck.knative.dev/addressable: "true" spec: @@ -2782,6 +2912,15 @@ spec: description: Address holds the information needed for a Route to be the target of an event. type: object properties: + CACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string + audience: + description: Audience is the OIDC audience for this address. + type: string + name: + description: Name is the name of the address. + type: string url: type: string annotations: @@ -2873,7 +3012,7 @@ metadata: labels: app.kubernetes.io/name: knative-serving app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" spec: group: networking.internal.knative.dev @@ -3039,7 +3178,7 @@ metadata: name: services.serving.knative.dev labels: app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" duck.knative.dev/addressable: "true" duck.knative.dev/podspecable: "true" @@ -3270,6 +3409,19 @@ spec: description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. type: integer format: int32 + grpc: + description: GRPC specifies an action involving a GRPC port. + type: object + required: + - port + properties: + port: + description: Port number of the gRPC service. Number must be in the range 1 to 65535. + type: integer + format: int32 + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + type: string httpGet: description: HTTPGet specifies the http request to perform. type: object @@ -3288,7 +3440,7 @@ spec: - value properties: name: - description: The header field name + description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -3378,6 +3530,19 @@ spec: description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. type: integer format: int32 + grpc: + description: GRPC specifies an action involving a GRPC port. + type: object + required: + - port + properties: + port: + description: Port number of the gRPC service. Number must be in the range 1 to 65535. + type: integer + format: int32 + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + type: string httpGet: description: HTTPGet specifies the http request to perform. type: object @@ -3396,7 +3561,7 @@ spec: - value properties: name: - description: The header field name + description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -3446,6 +3611,21 @@ spec: description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + type: array + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + type: object + required: + - name + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + type: string + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object @@ -3456,7 +3636,7 @@ spec: - type: string x-kubernetes-int-or-string: true requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object additionalProperties: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ @@ -3501,6 +3681,18 @@ spec: description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. type: integer format: int64 + seccompProfile: + description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + type: object + required: + - type + properties: + localhostProfile: + description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + type: string terminationMessagePath: description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' type: string @@ -3599,6 +3791,10 @@ spec: serviceAccountName: description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string + shareProcessNamespace: + description: This is accessible behind a feature flag - kubernetes.podspec-shareproccessnamespace + type: boolean + x-kubernetes-preserve-unknown-fields: true timeoutSeconds: description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. type: integer @@ -3718,6 +3914,59 @@ spec: description: optional specify whether the ConfigMap or its keys must be defined type: boolean x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about the downwardAPI data to project + type: object + properties: + items: + description: Items is a list of DownwardAPIVolume file + type: array + items: + description: DownwardAPIVolumeFile represents information to create the file containing the pod field + type: object + required: + - path + properties: + fieldRef: + description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.' + type: object + required: + - fieldPath + properties: + apiVersion: + description: Version of the schema the FieldPath is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the specified API version. + type: string + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' + type: integer + format: int32 + path: + description: 'Required: Path is the relative path name of the file to be created. Must not be absolute or contain the ''..'' path. Must be utf-8 encoded. The first item of the relative path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.' + type: object + required: + - resource + properties: + containerName: + description: 'Container name: required for volumes, optional for env vars' + type: string + divisor: + description: Specifies the output format of the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + x-kubernetes-map-type: atomic secret: description: secret information about the secret data to project type: object @@ -3833,6 +4082,15 @@ spec: description: Address holds the information needed for a Route to be the target of an event. type: object properties: + CACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string + audience: + description: Audience is the OIDC audience for this address. + type: string + name: + description: Name is the name of the address. + type: string url: type: string annotations: @@ -3929,7 +4187,7 @@ metadata: name: images.caching.internal.knative.dev labels: app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" spec: group: caching.internal.knative.dev diff --git a/cmd/operator/kodata/knative-serving/1.8.6/2-serving-core.yaml b/cmd/operator/kodata/knative-serving/1.12.0/2-serving-core.yaml similarity index 90% rename from cmd/operator/kodata/knative-serving/1.8.6/2-serving-core.yaml rename to cmd/operator/kodata/knative-serving/1.12.0/2-serving-core.yaml index fdbee46a11..b6c786e3cf 100644 --- a/cmd/operator/kodata/knative-serving/1.8.6/2-serving-core.yaml +++ b/cmd/operator/kodata/knative-serving/1.12.0/2-serving-core.yaml @@ -18,7 +18,56 @@ metadata: name: knative-serving labels: app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" + +--- +# Copyright 2023 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: knative-serving-activator + namespace: knative-serving + labels: + serving.knative.dev/controller: "true" + app.kubernetes.io/version: "1.12.0" + app.kubernetes.io/name: knative-serving +rules: + - apiGroups: [""] + resources: ["configmaps", "secrets"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch"] + resourceNames: ["routing-serving-certs", "knative-serving-certs"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: knative-serving-activator-cluster + labels: + serving.knative.dev/controller: "true" + app.kubernetes.io/version: "1.12.0" + app.kubernetes.io/name: knative-serving +rules: + - apiGroups: [""] + resources: ["services", "endpoints"] + verbs: ["get", "list", "watch"] + - apiGroups: ["serving.knative.dev"] + resources: ["revisions"] + verbs: ["get", "list", "watch"] --- # Copyright 2019 The Knative Authors @@ -43,7 +92,7 @@ metadata: # (which should be identical, but isn't guaranteed to be installed alongside serving). name: knative-serving-aggregated-addressable-resolver labels: - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving aggregationRule: clusterRoleSelectors: @@ -55,7 +104,7 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: knative-serving-addressable-resolver labels: - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving # Labeled to facilitate aggregated cluster roles that act on Addressables. duck.knative.dev/addressable: "true" @@ -94,7 +143,7 @@ metadata: name: knative-serving-namespaced-admin labels: rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving rules: - apiGroups: ["serving.knative.dev"] @@ -110,7 +159,7 @@ metadata: name: knative-serving-namespaced-edit labels: rbac.authorization.k8s.io/aggregate-to-edit: "true" - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving rules: - apiGroups: ["serving.knative.dev"] @@ -126,7 +175,7 @@ metadata: name: knative-serving-namespaced-view labels: rbac.authorization.k8s.io/aggregate-to-view: "true" - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving rules: - apiGroups: ["serving.knative.dev", "networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] @@ -154,7 +203,7 @@ metadata: name: knative-serving-core labels: serving.knative.dev/controller: "true" - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving rules: - apiGroups: [""] @@ -208,7 +257,7 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: knative-serving-podspecable-binding labels: - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving # Labeled to facilitate aggregated cluster roles that act on PodSpecables. duck.knative.dev/podspecable: "true" @@ -247,7 +296,7 @@ metadata: labels: app.kubernetes.io/component: controller app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 @@ -255,7 +304,7 @@ metadata: name: knative-serving-admin labels: app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" aggregationRule: clusterRoleSelectors: - matchLabels: @@ -268,7 +317,7 @@ metadata: labels: app.kubernetes.io/component: controller app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" subjects: - kind: ServiceAccount name: controller @@ -285,7 +334,7 @@ metadata: labels: app.kubernetes.io/component: controller app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" subjects: - kind: ServiceAccount name: controller @@ -294,6 +343,51 @@ roleRef: kind: ClusterRole name: knative-serving-aggregated-addressable-resolver apiGroup: rbac.authorization.k8s.io +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: activator + namespace: knative-serving + labels: + app.kubernetes.io/component: activator + app.kubernetes.io/name: knative-serving + app.kubernetes.io/version: "1.12.0" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: knative-serving-activator + namespace: knative-serving + labels: + app.kubernetes.io/component: activator + app.kubernetes.io/name: knative-serving + app.kubernetes.io/version: "1.12.0" +subjects: + - kind: ServiceAccount + name: activator + namespace: knative-serving +roleRef: + kind: Role + name: knative-serving-activator + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: knative-serving-activator-cluster + labels: + app.kubernetes.io/component: activator + app.kubernetes.io/name: knative-serving + app.kubernetes.io/version: "1.12.0" +subjects: + - kind: ServiceAccount + name: activator + namespace: knative-serving +roleRef: + kind: ClusterRole + name: knative-serving-activator-cluster + apiGroup: rbac.authorization.k8s.io --- # Copyright 2018 The Knative Authors @@ -316,7 +410,7 @@ metadata: name: images.caching.internal.knative.dev labels: app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" spec: group: caching.internal.knative.dev @@ -438,7 +532,7 @@ metadata: labels: app.kubernetes.io/name: knative-serving app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" spec: group: networking.internal.knative.dev @@ -473,6 +567,9 @@ spec: type: array items: type: string + domain: + description: Domain is the top level domain of the values for DNSNames. + type: string secretName: description: SecretName is the name of the secret resource to store the SSL certificate in. type: string @@ -584,7 +681,7 @@ metadata: name: configurations.serving.knative.dev labels: app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" duck.knative.dev/podspecable: "true" spec: @@ -811,6 +908,19 @@ spec: description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. type: integer format: int32 + grpc: + description: GRPC specifies an action involving a GRPC port. + type: object + required: + - port + properties: + port: + description: Port number of the gRPC service. Number must be in the range 1 to 65535. + type: integer + format: int32 + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + type: string httpGet: description: HTTPGet specifies the http request to perform. type: object @@ -829,7 +939,7 @@ spec: - value properties: name: - description: The header field name + description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -919,6 +1029,19 @@ spec: description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. type: integer format: int32 + grpc: + description: GRPC specifies an action involving a GRPC port. + type: object + required: + - port + properties: + port: + description: Port number of the gRPC service. Number must be in the range 1 to 65535. + type: integer + format: int32 + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + type: string httpGet: description: HTTPGet specifies the http request to perform. type: object @@ -937,7 +1060,7 @@ spec: - value properties: name: - description: The header field name + description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -987,6 +1110,21 @@ spec: description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + type: array + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + type: object + required: + - name + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + type: string + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object @@ -997,7 +1135,7 @@ spec: - type: string x-kubernetes-int-or-string: true requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object additionalProperties: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ @@ -1042,6 +1180,18 @@ spec: description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. type: integer format: int64 + seccompProfile: + description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + type: object + required: + - type + properties: + localhostProfile: + description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + type: string terminationMessagePath: description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' type: string @@ -1140,6 +1290,10 @@ spec: serviceAccountName: description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string + shareProcessNamespace: + description: This is accessible behind a feature flag - kubernetes.podspec-shareproccessnamespace + type: boolean + x-kubernetes-preserve-unknown-fields: true timeoutSeconds: description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. type: integer @@ -1259,6 +1413,59 @@ spec: description: optional specify whether the ConfigMap or its keys must be defined type: boolean x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about the downwardAPI data to project + type: object + properties: + items: + description: Items is a list of DownwardAPIVolume file + type: array + items: + description: DownwardAPIVolumeFile represents information to create the file containing the pod field + type: object + required: + - path + properties: + fieldRef: + description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.' + type: object + required: + - fieldPath + properties: + apiVersion: + description: Version of the schema the FieldPath is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the specified API version. + type: string + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' + type: integer + format: int32 + path: + description: 'Required: Path is the relative path name of the file to be created. Must not be absolute or contain the ''..'' path. Must be utf-8 encoded. The first item of the relative path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.' + type: object + required: + - resource + properties: + containerName: + description: 'Container name: required for volumes, optional for env vars' + type: string + divisor: + description: Specifies the output format of the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + x-kubernetes-map-type: atomic secret: description: secret information about the secret data to project type: object @@ -1410,7 +1617,7 @@ metadata: labels: app.kubernetes.io/name: knative-serving app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" spec: group: networking.internal.knative.dev @@ -1474,14 +1681,14 @@ metadata: name: domainmappings.serving.knative.dev labels: app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" spec: group: serving.knative.dev versions: - name: v1beta1 served: true - storage: false + storage: true subresources: status: {} additionalPrinterColumns: @@ -1520,6 +1727,9 @@ spec: - kind - name properties: + address: + description: Address points to a specific Address Name. + type: string apiVersion: description: API version of the referent. type: string @@ -1552,111 +1762,15 @@ spec: description: Address holds the information needed for a DomainMapping to be the target of an event. type: object properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. + CACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + audience: + description: Audience is the OIDC audience for this address. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. + description: Name is the name of the address. type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: url: type: string annotations: @@ -1743,7 +1857,7 @@ metadata: labels: app.kubernetes.io/name: knative-serving app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" spec: group: networking.internal.knative.dev @@ -2003,7 +2117,7 @@ metadata: name: metrics.autoscaling.internal.knative.dev labels: app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" spec: group: autoscaling.internal.knative.dev @@ -2125,7 +2239,7 @@ metadata: name: podautoscalers.autoscaling.internal.knative.dev labels: app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" spec: group: autoscaling.internal.knative.dev @@ -2285,7 +2399,7 @@ metadata: name: revisions.serving.knative.dev labels: app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" spec: group: serving.knative.dev @@ -2491,6 +2605,19 @@ spec: description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. type: integer format: int32 + grpc: + description: GRPC specifies an action involving a GRPC port. + type: object + required: + - port + properties: + port: + description: Port number of the gRPC service. Number must be in the range 1 to 65535. + type: integer + format: int32 + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + type: string httpGet: description: HTTPGet specifies the http request to perform. type: object @@ -2509,7 +2636,7 @@ spec: - value properties: name: - description: The header field name + description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -2599,6 +2726,19 @@ spec: description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. type: integer format: int32 + grpc: + description: GRPC specifies an action involving a GRPC port. + type: object + required: + - port + properties: + port: + description: Port number of the gRPC service. Number must be in the range 1 to 65535. + type: integer + format: int32 + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + type: string httpGet: description: HTTPGet specifies the http request to perform. type: object @@ -2617,7 +2757,7 @@ spec: - value properties: name: - description: The header field name + description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -2667,6 +2807,21 @@ spec: description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + type: array + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + type: object + required: + - name + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + type: string + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object @@ -2677,7 +2832,7 @@ spec: - type: string x-kubernetes-int-or-string: true requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object additionalProperties: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ @@ -2722,6 +2877,18 @@ spec: description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. type: integer format: int64 + seccompProfile: + description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + type: object + required: + - type + properties: + localhostProfile: + description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + type: string terminationMessagePath: description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' type: string @@ -2820,6 +2987,10 @@ spec: serviceAccountName: description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string + shareProcessNamespace: + description: This is accessible behind a feature flag - kubernetes.podspec-shareproccessnamespace + type: boolean + x-kubernetes-preserve-unknown-fields: true timeoutSeconds: description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. type: integer @@ -2939,33 +3110,86 @@ spec: description: optional specify whether the ConfigMap or its keys must be defined type: boolean x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project + downwardAPI: + description: downwardAPI information about the downwardAPI data to project type: object properties: items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + description: Items is a list of DownwardAPIVolume file type: array items: - description: Maps a string key to a path within a volume. + description: DownwardAPIVolumeFile represents information to create the file containing the pod field type: object required: - - key - path properties: - key: - description: key is the key to project. - type: string + fieldRef: + description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.' + type: object + required: + - fieldPath + properties: + apiVersion: + description: Version of the schema the FieldPath is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the specified API version. + type: string + x-kubernetes-map-type: atomic mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' + description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' type: integer format: int32 path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + description: 'Required: Path is the relative path name of the file to be created. Must not be absolute or contain the ''..'' path. Must be utf-8 encoded. The first item of the relative path must not start with ''..''' type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string + resourceFieldRef: + description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.' + type: object + required: + - resource + properties: + containerName: + description: 'Container name: required for volumes, optional for env vars' + type: string + divisor: + description: Specifies the output format of the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + x-kubernetes-map-type: atomic + secret: + description: secret information about the secret data to project + type: object + properties: + items: + description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + type: array + items: + description: Maps a string key to a path within a volume. + type: object + required: + - key + - path + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' + type: integer + format: int32 + path: + description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string optional: description: optional field specify whether the Secret or its key must be defined type: boolean @@ -3118,7 +3342,7 @@ metadata: name: routes.serving.knative.dev labels: app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" duck.knative.dev/addressable: "true" spec: @@ -3201,6 +3425,15 @@ spec: description: Address holds the information needed for a Route to be the target of an event. type: object properties: + CACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string + audience: + description: Audience is the OIDC audience for this address. + type: string + name: + description: Name is the name of the address. + type: string url: type: string annotations: @@ -3292,7 +3525,7 @@ metadata: labels: app.kubernetes.io/name: knative-serving app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" spec: group: networking.internal.knative.dev @@ -3458,7 +3691,7 @@ metadata: name: services.serving.knative.dev labels: app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" knative.dev/crd-install: "true" duck.knative.dev/addressable: "true" duck.knative.dev/podspecable: "true" @@ -3689,6 +3922,19 @@ spec: description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. type: integer format: int32 + grpc: + description: GRPC specifies an action involving a GRPC port. + type: object + required: + - port + properties: + port: + description: Port number of the gRPC service. Number must be in the range 1 to 65535. + type: integer + format: int32 + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + type: string httpGet: description: HTTPGet specifies the http request to perform. type: object @@ -3707,7 +3953,7 @@ spec: - value properties: name: - description: The header field name + description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -3797,6 +4043,19 @@ spec: description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. type: integer format: int32 + grpc: + description: GRPC specifies an action involving a GRPC port. + type: object + required: + - port + properties: + port: + description: Port number of the gRPC service. Number must be in the range 1 to 65535. + type: integer + format: int32 + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + type: string httpGet: description: HTTPGet specifies the http request to perform. type: object @@ -3815,7 +4074,7 @@ spec: - value properties: name: - description: The header field name + description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -3865,6 +4124,21 @@ spec: description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + type: array + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + type: object + required: + - name + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + type: string + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object @@ -3875,7 +4149,7 @@ spec: - type: string x-kubernetes-int-or-string: true requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object additionalProperties: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ @@ -3920,6 +4194,18 @@ spec: description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. type: integer format: int64 + seccompProfile: + description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + type: object + required: + - type + properties: + localhostProfile: + description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + type: string terminationMessagePath: description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' type: string @@ -4018,6 +4304,10 @@ spec: serviceAccountName: description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string + shareProcessNamespace: + description: This is accessible behind a feature flag - kubernetes.podspec-shareproccessnamespace + type: boolean + x-kubernetes-preserve-unknown-fields: true timeoutSeconds: description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. type: integer @@ -4137,6 +4427,59 @@ spec: description: optional specify whether the ConfigMap or its keys must be defined type: boolean x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about the downwardAPI data to project + type: object + properties: + items: + description: Items is a list of DownwardAPIVolume file + type: array + items: + description: DownwardAPIVolumeFile represents information to create the file containing the pod field + type: object + required: + - path + properties: + fieldRef: + description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.' + type: object + required: + - fieldPath + properties: + apiVersion: + description: Version of the schema the FieldPath is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the specified API version. + type: string + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' + type: integer + format: int32 + path: + description: 'Required: Path is the relative path name of the file to be created. Must not be absolute or contain the ''..'' path. Must be utf-8 encoded. The first item of the relative path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.' + type: object + required: + - resource + properties: + containerName: + description: 'Container name: required for volumes, optional for env vars' + type: string + divisor: + description: Specifies the output format of the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + x-kubernetes-map-type: atomic secret: description: secret information about the secret data to project type: object @@ -4252,6 +4595,15 @@ spec: description: Address holds the information needed for a Route to be the target of an event. type: object properties: + CACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string + audience: + description: Audience is the OIDC audience for this address. + type: string + name: + description: Name is the name of the address. + type: string url: type: string annotations: @@ -4345,25 +4697,38 @@ spec: apiVersion: v1 kind: Secret metadata: - # Do not drop -ctrl-ca suffix as control-protocol requires it. - # https://github.com/knative-sandbox/control-protocol/blob/main/pkg/certificates/reconciler/controller.go + # Do not drop -ctrl-ca suffix as certificate creation requires it + # https://github.com/knative/networking/blob/main/pkg/certificates/reconciler/controller.go#L38 name: serving-certs-ctrl-ca namespace: knative-serving labels: serving-certs-ctrl: "data-plane" networking.internal.knative.dev/certificate-uid: "serving-certs" -# The data is populated when internal-encryption is enabled. +# The data is populated when knative-internal-tls is enabled. --- apiVersion: v1 kind: Secret metadata: + # this is the legacy secret + # we can drop this once all net-* implementations are using the new `routing-serving-certs` secret name: knative-serving-certs namespace: knative-serving labels: serving-certs-ctrl: "data-plane" networking.internal.knative.dev/certificate-uid: "serving-certs" -# The data is populated when internal-encryption is enabled. + +# The data is populated when knative-internal-tls is enabled. +--- +apiVersion: v1 +kind: Secret +metadata: + name: routing-serving-certs + namespace: knative-serving + labels: + serving-certs-ctrl: "data-plane-routing" + networking.internal.knative.dev/certificate-uid: "serving-certs" +# The data is populated when knative-internal-tls is enabled. --- # Copyright 2018 The Knative Authors @@ -4388,11 +4753,11 @@ metadata: labels: app.kubernetes.io/component: queue-proxy app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" spec: # This is the Go import path for the binary that is containerized # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/queue@sha256:cdb92342ed096c133adc4d0018207d05a614f29d81041a8bc8a4bf1df231f145 + image: gcr.io/knative-releases/knative.dev/serving/cmd/queue@sha256:9b9b7adc18bfc9e7eb0bc7896c2f5033a5363a44448519043f84f57aa39a6304 --- # Copyright 2018 The Knative Authors @@ -4417,7 +4782,7 @@ metadata: labels: app.kubernetes.io/component: autoscaler app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" annotations: knative.dev/example-checksum: "47c2487f" data: @@ -4628,7 +4993,7 @@ metadata: labels: app.kubernetes.io/name: knative-serving app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" annotations: knative.dev/example-checksum: "e7973912" data: @@ -4783,13 +5148,13 @@ metadata: labels: app.kubernetes.io/name: knative-serving app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" annotations: - knative.dev/example-checksum: "dd7ee769" + knative.dev/example-checksum: "ed77183a" data: # This is the Go import path for the binary that is containerized # and substituted here. - queue-sidecar-image: gcr.io/knative-releases/knative.dev/serving/cmd/queue@sha256:cdb92342ed096c133adc4d0018207d05a614f29d81041a8bc8a4bf1df231f145 + queue-sidecar-image: gcr.io/knative-releases/knative.dev/serving/cmd/queue@sha256:9b9b7adc18bfc9e7eb0bc7896c2f5033a5363a44448519043f84f57aa39a6304 _example: |- ################################ # # @@ -4820,15 +5185,18 @@ data: queue-sidecar-cpu-request: "25m" # Sets the queue proxy's CPU limit. - # If omitted, no value is specified and the system default is used. + # If omitted, a default value (currently "1000m"), is used when + # `queueproxy.resource-defaults` is set to `Enabled`. queue-sidecar-cpu-limit: "1000m" # Sets the queue proxy's memory request. - # If omitted, no value is specified and the system default is used. + # If omitted, a default value (currently "400Mi"), is used when + # `queueproxy.resource-defaults` is set to `Enabled`. queue-sidecar-memory-request: "400Mi" # Sets the queue proxy's memory limit. - # If omitted, no value is specified and the system default is used. + # If omitted, a default value (currently "800Mi"), is used when + # `queueproxy.resource-defaults` is set to `Enabled`. queue-sidecar-memory-limit: "800Mi" # Sets the queue proxy's ephemeral storage request. @@ -4839,28 +5207,18 @@ data: # If omitted, no value is specified and the system default is used. queue-sidecar-ephemeral-storage-limit: "1024Mi" - # The freezer service endpoint that queue-proxy calls when its traffic drops to zero or - # scales up from zero. - # - # Freezer service is available at: https://github.com/knative-sandbox/container-freezer - # or users may write their own service. - # - # The value will need to include both the host and the port that will be accessed. - # For the host, $HOST_IP can be passed, and the appropriate host IP value will be swapped - # in at runtime, which will enable the freezer daemonset to be reachable via the node IP. + # Sets tokens associated with specific audiences for queue proxy - used by QPOptions # - # As an example: - # concurrency-state-endpoint: "http://$HOST_IP:9696" - # - # If not set, queue proxy takes no action (this is the default behavior). - # - # When enabled, a serviceAccountToken will be mounted to queue-proxy using - # a projected volume. This requires the Service Account Token Volume Projection feature - # to be enabled. For details, see this link: - # https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection - # - # NOTE THAT THIS IS AN EXPERIMENTAL / ALPHA FEATURE - concurrency-state-endpoint: "" + # For example, to add the `service-x` audience: + # queue-sidecar-token-audiences: "service-x" + # Also supports a list of audiences, for example: + # queue-sidecar-token-audiences: "service-x,service-y" + # If omitted, or empty, no tokens are created + queue-sidecar-token-audiences: "" + + # Sets rootCA for the queue proxy - used by QPOptions + # If omitted, or empty, no rootCA is added to the golang rootCAs + queue-sidecar-rootca: "" --- # Copyright 2018 The Knative Authors @@ -4885,7 +5243,7 @@ metadata: labels: app.kubernetes.io/name: knative-serving app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" annotations: knative.dev/example-checksum: "26c09de5" data: @@ -4950,9 +5308,9 @@ metadata: labels: app.kubernetes.io/name: knative-serving app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" annotations: - knative.dev/example-checksum: "691a192e" + knative.dev/example-checksum: "f2fc138e" data: _example: |- ################################ @@ -4970,6 +5328,13 @@ data: # this example block and unindented to be in the data block # to actually change the configuration. + # Default SecurityContext settings to secure-by-default values + # if unset. + # + # This value will default to "enabled" in a future release, + # probably Knative 1.10 + secure-pod-defaults: "disabled" + # Indicates whether multi container support is enabled # # WARNING: Cannot safely be disabled once enabled. @@ -5049,6 +5414,12 @@ data: # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-security-context kubernetes.podspec-securitycontext: "disabled" + # Indicated whether sharing the process namespace via ShareProcessNamespace pod spec is allowed. + # This can be especially useful for sharing data from images directly between sidecars + # + # See: https://knative.dev/docs/serving/configuration/feature-flags/#kubernetes-share-process-namespace + kubernetes.podspec-shareprocessnamespace: "disabled" + # Indicates whether Kubernetes PriorityClassName support is enabled # # WARNING: Cannot safely be disabled once enabled. @@ -5125,6 +5496,9 @@ data: # NOTE THAT THIS IS AN EXPERIMENTAL / ALPHA FEATURE queueproxy.mount-podinfo: "disabled" + # Default queue proxy resource requests and limits to good values for most cases if set. + queueproxy.resource-defaults: "disabled" + --- # Copyright 2018 The Knative Authors # @@ -5148,7 +5522,7 @@ metadata: labels: app.kubernetes.io/name: knative-serving app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" annotations: knative.dev/example-checksum: "aa3813a8" data: @@ -5248,7 +5622,7 @@ metadata: labels: app.kubernetes.io/name: knative-serving app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" annotations: knative.dev/example-checksum: "f4b71f57" data: @@ -5308,11 +5682,11 @@ metadata: name: config-logging namespace: knative-serving labels: - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/component: logging app.kubernetes.io/name: knative-serving annotations: - knative.dev/example-checksum: "b0f3c6f2" + knative.dev/example-checksum: "53fda05f" data: _example: | ################################ @@ -5366,6 +5740,8 @@ data: loglevel.net-certmanager-controller: "info" loglevel.net-istio-controller: "info" loglevel.net-contour-controller: "info" + loglevel.net-kourier-controller: "info" + loglevel.net-gateway-api-controller: "info" --- # Copyright 2018 The Knative Authors @@ -5390,9 +5766,9 @@ metadata: labels: app.kubernetes.io/name: knative-serving app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" annotations: - knative.dev/example-checksum: "73d96d1b" + knative.dev/example-checksum: "0573e07d" data: _example: | ################################ @@ -5443,7 +5819,7 @@ data: # namespace-wildcard-cert-selector: {} # # Useful labels include the "kubernetes.io/metadata.name" label to - # avoid provisioning a certifcate for the "kube-system" namespaces. + # avoid provisioning a certificate for the "kube-system" namespaces. # Use the following selector to match pre-1.0 behavior of using # "networking.knative.dev/disableWildcardCert" to exclude namespaces: # @@ -5458,7 +5834,7 @@ data: # value is "{{.Name}}.{{.Namespace}}.{{.Domain}}". # # Valid variables defined in the template include Name, Namespace, Domain, - # Labels, and Annotations. Name will be the result of the tagTemplate + # Labels, and Annotations. Name will be the result of the tag-template # below, if a tag is specified for the route. # # Changing this value might be necessary when the extra levels in @@ -5478,22 +5854,51 @@ data: # would be {Name}-{Namespace}.foo.{Domain} domain-template: "{{.Name}}.{{.Namespace}}.{{.Domain}}" - # tagTemplate specifies the golang text template string to use + # tag-template specifies the golang text template string to use # when constructing the DNS name for "tags" within the traffic blocks # of Routes and Configuration. This is used in conjunction with the - # domainTemplate above to determine the full URL for the tag. + # domain-template above to determine the full URL for the tag. tag-template: "{{.Tag}}-{{.Name}}" - # Controls whether TLS certificates are automatically provisioned and - # installed in the Knative ingress to terminate external TLS connection. - # 1. Enabled: enabling auto-TLS feature. - # 2. Disabled: disabling auto-TLS feature. + # auto-tls is deprecated and replaced by external-domain-tls auto-tls: "Disabled" + # Controls whether TLS certificates are automatically provisioned and + # installed in the Knative ingress to terminate TLS connections + # for cluster external domains (like: app.example.com) + # - Enabled: enables the TLS certificate provisioning feature for cluster external domains. + # - Disabled: disables the TLS certificate provisioning feature for cluster external domains. + external-domain-tls: "Disabled" + + # Controls weather TLS certificates are automatically provisioned and + # installed in the Knative ingress to terminate TLS connections + # for cluster local domains (like: app.namespace.svc.) + # - Enabled: enables the TLS certificate provisioning feature for cluster cluster-local domains. + # - Disabled: disables the TLS certificate provisioning feature for cluster cluster local domains. + # NOTE: This flag is in an alpha state and is mostly here to enable internal testing + # for now. Use with caution. + cluster-local-domain-tls: "Disabled" + + # internal-encryption is deprecated and replaced by system-internal-tls + internal-encryption: "false" + + # system-internal-tls controls weather TLS encryption is used for connections between + # the internal components of Knative: + # - ingress to activator + # - ingress to queue-proxy + # - activator to queue-proxy + # + # Possible values for this flag are: + # - Enabled: enables the TLS certificate provisioning feature for cluster cluster-local domains. + # - Disabled: disables the TLS certificate provisioning feature for cluster cluster local domains. + # NOTE: This flag is in an alpha state and is mostly here to enable internal testing + # for now. Use with caution. + system-internal-tls: "Disabled" + # Controls the behavior of the HTTP endpoint for the Knative ingress. - # It requires autoTLS to be enabled. - # 1. Enabled: The Knative ingress will be able to serve HTTP connection. - # 2. Redirected: The Knative ingress will send a 301 redirect for all + # It requires auto-tls to be enabled. + # - Enabled: The Knative ingress will be able to serve HTTP connection. + # - Redirected: The Knative ingress will send a 301 redirect for all # http connections, asking the clients to use HTTPS. # # "Disabled" option is deprecated. @@ -5537,22 +5942,12 @@ data: # - "disabled": always use Pod IPs and do not fall back to Cluster IP on failure. mesh-compatibility-mode: "auto" - # Defines the scheme used for external URLs if autoTLS is not enabled. + # Defines the scheme used for external URLs if auto-tls is not enabled. # This can be used for making Knative report all URLs as "HTTPS" for example, if you're # fronting Knative with an external loadbalancer that deals with TLS termination and # Knative doesn't know about that otherwise. default-external-scheme: "http" - # internal-encryption indicates whether internal traffic is encrypted or not. - # If this is "true", the following traffic are encrypted: - # - ingress to activator - # - ingress to queue-proxy - # - activator to queue-proxy - # - # NOTE: This flag is in an alpha state and is mostly here to enable internal testing - # for now. Use with caution. - internal-encryption: "false" - --- # Copyright 2018 The Knative Authors # @@ -5576,9 +5971,9 @@ metadata: labels: app.kubernetes.io/name: knative-serving app.kubernetes.io/component: observability - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" annotations: - knative.dev/example-checksum: "fed4756e" + knative.dev/example-checksum: "54abd711" data: _example: | ################################ @@ -5651,11 +6046,22 @@ data: # It supports either prometheus (the default) or opencensus. metrics.backend-destination: prometheus + # metrics.reporting-period-seconds specifies the global metrics reporting period for control and data plane components. + # If a zero or negative value is passed the default reporting period is used (10 secs). + # If the attribute is not specified a default value is used per metrics backend. + # For the prometheus backend the default reporting period is 5s while for opencensus it is 60s. + metrics.reporting-period-seconds: "5" + # metrics.request-metrics-backend-destination specifies the request metrics # destination. It enables queue proxy to send request metrics. # Currently supported values: prometheus (the default), opencensus. metrics.request-metrics-backend-destination: prometheus + # metrics.request-metrics-reporting-period-seconds specifies the request metrics reporting period in sec at queue proxy. + # If a zero or negative value is passed the default reporting period is used (10 secs). + # If the attribute is not specified, it is overridden by the value of metrics.reporting-period-seconds. + metrics.request-metrics-reporting-period-seconds: "5" + # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from # the pods via an HTTP server in the format expected by the pprof visualization tool. When # enabled, the Knative Serving pods expose the profiling data on an alternate HTTP port 8008. @@ -5685,7 +6091,7 @@ metadata: labels: app.kubernetes.io/name: knative-serving app.kubernetes.io/component: tracing - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" annotations: knative.dev/example-checksum: "26614636" data: @@ -5742,7 +6148,7 @@ metadata: labels: app.kubernetes.io/component: activator app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" spec: minReplicas: 1 maxReplicas: 20 @@ -5770,7 +6176,7 @@ metadata: labels: app.kubernetes.io/component: activator app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" spec: minAvailable: 80% selector: @@ -5799,7 +6205,7 @@ metadata: namespace: knative-serving labels: app.kubernetes.io/component: activator - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving spec: selector: @@ -5808,21 +6214,19 @@ spec: role: activator template: metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" labels: app: activator role: activator app.kubernetes.io/component: activator app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" spec: - serviceAccountName: controller + serviceAccountName: activator containers: - name: activator # This is the Go import path for the binary that is containerized # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/activator@sha256:920366eb0cbc9bab5c0ee21bc3086e8432a4f1a858a23c09a66cab00e566af1e + image: gcr.io/knative-releases/knative.dev/serving/cmd/activator@sha256:d54c43aeac6a22464bc9e3e9e131397daace467278965e94e3651b56c5fab71b # The numbers are based on performance test results from # https://github.com/knative/serving/issues/1625#issuecomment-511930023 resources: @@ -5907,7 +6311,7 @@ metadata: labels: app: activator app.kubernetes.io/component: activator - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving spec: selector: @@ -5954,7 +6358,7 @@ metadata: labels: app.kubernetes.io/component: autoscaler app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" spec: replicas: 1 selector: @@ -5966,13 +6370,11 @@ spec: maxUnavailable: 0 template: metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" labels: app: autoscaler app.kubernetes.io/component: autoscaler app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" spec: # To avoid node becoming SPOF, spread our replicas to different nodes. affinity: @@ -5989,7 +6391,7 @@ spec: - name: autoscaler # This is the Go import path for the binary that is containerized # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/autoscaler@sha256:022e057849f8f9d246bfb0cb6b78be8a9d6d4bbc5dbedf853097180f3ef74ef4 + image: gcr.io/knative-releases/knative.dev/serving/cmd/autoscaler@sha256:348d8d1bf9684150815265ac335d5ae137f2de0b3e1a5313ea08f80c4a6841f4 resources: requests: cpu: 100m @@ -6054,7 +6456,7 @@ metadata: app: autoscaler app.kubernetes.io/component: autoscaler app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" name: autoscaler namespace: knative-serving spec: @@ -6095,20 +6497,18 @@ metadata: labels: app.kubernetes.io/component: controller app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" spec: selector: matchLabels: app: controller template: metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" labels: app: controller app.kubernetes.io/component: controller app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" spec: # To avoid node becoming SPOF, spread our replicas to different nodes. affinity: @@ -6125,7 +6525,7 @@ spec: - name: controller # This is the Go import path for the binary that is containerized # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/controller@sha256:c2a0254bf1fe82ec51d9e8b0d733f9e398551da419b19acbac113d0d31ba63cb + image: gcr.io/knative-releases/knative.dev/serving/cmd/controller@sha256:858415fc0b769fc450407a806036051cbb0f3dcbf19062572bcc0c5a454d0de4 resources: requests: cpu: 100m @@ -6158,11 +6558,27 @@ spec: - ALL seccompProfile: type: RuntimeDefault + livenessProbe: + httpGet: + path: /health + port: probes + scheme: HTTP + periodSeconds: 5 + failureThreshold: 6 + readinessProbe: + httpGet: + path: /readiness + port: probes + scheme: HTTP + periodSeconds: 5 + failureThreshold: 3 ports: - name: metrics containerPort: 9090 - name: profiling containerPort: 8008 + - name: probes + containerPort: 8080 --- apiVersion: v1 kind: Service @@ -6171,7 +6587,7 @@ metadata: app: controller app.kubernetes.io/component: controller app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" name: controller namespace: knative-serving spec: @@ -6201,238 +6617,6 @@ spec: # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: apps/v1 -kind: Deployment -metadata: - name: domain-mapping - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" -spec: - selector: - matchLabels: - app: domain-mapping - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - labels: - app: domain-mapping - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: domain-mapping - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: domain-mapping - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/domain-mapping@sha256:258e01d90106668a8472de04b944791a239c7add42315912dcbb356e1f172f67 - resources: - requests: - cpu: 30m - memory: 40Mi - limits: - cpu: 300m - memory: 400Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: domainmapping-webhook - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" -spec: - selector: - matchLabels: - app: domainmapping-webhook - role: domainmapping-webhook - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: domainmapping-webhook - role: domainmapping-webhook - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: domainmapping-webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: domainmapping-webhook - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/domain-mapping-webhook@sha256:b28dd27db82922d3dc2fec61fff777925a8a830e0505ebe015b851650df57d48 - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 500m - memory: 500Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: WEBHOOK_PORT - value: "8443" - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - failureThreshold: 6 - initialDelaySeconds: 20 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - role: domainmapping-webhook - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" - name: domainmapping-webhook - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: domainmapping-webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: @@ -6441,7 +6625,7 @@ metadata: labels: app.kubernetes.io/component: webhook app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" spec: minReplicas: 1 maxReplicas: 5 @@ -6467,7 +6651,7 @@ metadata: labels: app.kubernetes.io/component: webhook app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" spec: minAvailable: 80% selector: @@ -6496,7 +6680,7 @@ metadata: namespace: knative-serving labels: app.kubernetes.io/component: webhook - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving spec: selector: @@ -6505,12 +6689,11 @@ spec: role: webhook template: metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" labels: app: webhook role: webhook - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/component: webhook + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving spec: # To avoid node becoming SPOF, spread our replicas to different nodes. @@ -6528,7 +6711,7 @@ spec: - name: webhook # This is the Go import path for the binary that is containerized # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/webhook@sha256:93f57d11953ccbb4279cd0e031e5ed1e219f9bad328a2b9209493c4e153b6bb7 + image: gcr.io/knative-releases/knative.dev/serving/cmd/webhook@sha256:1a87934978e46ac11508d561458d25bec82a80b27b87e7114922defb189b5588 resources: requests: cpu: 100m @@ -6598,9 +6781,10 @@ apiVersion: v1 kind: Service metadata: labels: + app: webhook role: webhook app.kubernetes.io/component: webhook - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" app.kubernetes.io/name: knative-serving name: webhook namespace: knative-serving @@ -6617,6 +6801,7 @@ spec: port: 443 targetPort: 8443 selector: + app: webhook role: webhook --- @@ -6641,7 +6826,7 @@ metadata: labels: app.kubernetes.io/component: webhook app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" webhooks: - admissionReviewVersions: ["v1", "v1beta1"] clientConfig: @@ -6683,7 +6868,7 @@ metadata: labels: app.kubernetes.io/component: webhook app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" webhooks: - admissionReviewVersions: ["v1", "v1beta1"] clientConfig: @@ -6715,123 +6900,6 @@ webhooks: - revisions - routes - services - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.domainmapping.serving.knative.dev - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: domainmapping-webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: webhook.domainmapping.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - scope: "*" - resources: - - domainmappings - - domainmappings/status - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: domainmapping-webhook-certs - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" -# The data is populated at install time. - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.domainmapping.serving.knative.dev - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: domainmapping-webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: validation.webhook.domainmapping.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - - DELETE - scope: "*" - resources: - domainmappings - domainmappings/status @@ -6857,7 +6925,7 @@ metadata: labels: app.kubernetes.io/component: webhook app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" webhooks: - admissionReviewVersions: ["v1", "v1beta1"] clientConfig: @@ -6890,6 +6958,8 @@ webhooks: - revisions - routes - services + - domainmappings + - domainmappings/status --- # Copyright 2020 The Knative Authors @@ -6914,7 +6984,7 @@ metadata: labels: app.kubernetes.io/component: webhook app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" + app.kubernetes.io/version: "1.12.0" # The data is populated at install time. --- diff --git a/cmd/operator/kodata/knative-serving/1.8.0/3-serving-hpa.yaml b/cmd/operator/kodata/knative-serving/1.12.0/3-serving-hpa.yaml similarity index 83% rename from cmd/operator/kodata/knative-serving/1.8.0/3-serving-hpa.yaml rename to cmd/operator/kodata/knative-serving/1.12.0/3-serving-hpa.yaml index af3aa507cd..6f34fbd03d 100644 --- a/cmd/operator/kodata/knative-serving/1.8.0/3-serving-hpa.yaml +++ b/cmd/operator/kodata/knative-serving/1.12.0/3-serving-hpa.yaml @@ -21,20 +21,18 @@ metadata: autoscaling.knative.dev/autoscaler-provider: hpa app.kubernetes.io/component: autoscaler-hpa app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" + app.kubernetes.io/version: "1.12.0" spec: selector: matchLabels: app: autoscaler-hpa template: metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" labels: app: autoscaler-hpa app.kubernetes.io/component: autoscaler-hpa app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" + app.kubernetes.io/version: "1.12.0" spec: # To avoid node becoming SPOF, spread our replicas to different nodes. affinity: @@ -51,7 +49,7 @@ spec: - name: autoscaler-hpa # This is the Go import path for the binary that is containerized # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/autoscaler-hpa@sha256:7003443f0faabbaca12249aa16b73fa171bddf350abd826dd93b06f5080a146d + image: gcr.io/knative-releases/knative.dev/serving/cmd/autoscaler-hpa@sha256:03466e3b78f2ae45ed905b7eaaac73c6365967462d27d0098a3b12b18ab11bd9 resources: requests: cpu: 30m @@ -80,11 +78,27 @@ spec: - ALL seccompProfile: type: RuntimeDefault + livenessProbe: + httpGet: + path: /health + port: probes + scheme: HTTP + periodSeconds: 5 + failureThreshold: 5 + readinessProbe: + httpGet: + path: /readiness + port: probes + scheme: HTTP + periodSeconds: 5 + failureThreshold: 5 ports: - name: metrics containerPort: 9090 - name: profiling containerPort: 8008 + - name: probes + containerPort: 8080 --- apiVersion: v1 kind: Service @@ -94,7 +108,7 @@ metadata: autoscaling.knative.dev/autoscaler-provider: hpa app.kubernetes.io/component: autoscaler-hpa app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" + app.kubernetes.io/version: "1.12.0" name: autoscaler-hpa namespace: knative-serving spec: diff --git a/cmd/operator/kodata/knative-serving/1.8.2/4-serving-post-install-jobs.yaml b/cmd/operator/kodata/knative-serving/1.12.0/4-serving-post-install-jobs.yaml similarity index 87% rename from cmd/operator/kodata/knative-serving/1.8.2/4-serving-post-install-jobs.yaml rename to cmd/operator/kodata/knative-serving/1.12.0/4-serving-post-install-jobs.yaml index 05ac9c018c..952e374908 100644 --- a/cmd/operator/kodata/knative-serving/1.8.2/4-serving-post-install-jobs.yaml +++ b/cmd/operator/kodata/knative-serving/1.12.0/4-serving-post-install-jobs.yaml @@ -1,6 +1,6 @@ --- -# /tmp/knative.SpZj6gsS/tmp.AKTq8CPOXF/serving-storage-version-migration.yaml +# /tmp/knative.EfRimX7j/tmp.PlBmGyrKQY/serving-storage-version-migration.yaml # Copyright 2020 The Knative Authors # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -24,7 +24,7 @@ metadata: app: storage-version-migration-serving app.kubernetes.io/name: knative-serving app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" spec: ttlSecondsAfterFinished: 600 backoffLimit: 10 @@ -36,7 +36,7 @@ spec: app: storage-version-migration-serving app.kubernetes.io/name: knative-serving app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.2" + app.kubernetes.io/version: "1.12.0" spec: serviceAccountName: controller restartPolicy: OnFailure @@ -44,12 +44,13 @@ spec: - name: migrate # This is the Go import path for the binary that is containerized # and substituted here. - image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:b6a9bb1c500669410d1ec2fef88af0de011375e619c335973a2894f109135858 + image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:5b8e6519a1a7f14555bbdf33f7621883624bf9aaad940c88319258a949274d18 args: - "services.serving.knative.dev" - "configurations.serving.knative.dev" - "revisions.serving.knative.dev" - "routes.serving.knative.dev" + - "domainmappings.serving.knative.dev" resources: requests: cpu: 100m diff --git a/cmd/operator/kodata/knative-serving/1.8.0/1-serving-crds.yaml b/cmd/operator/kodata/knative-serving/1.8.0/1-serving-crds.yaml deleted file mode 100644 index b3c517bebc..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.0/1-serving-crds.yaml +++ /dev/null @@ -1,4032 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: certificates.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Certificate is responsible for provisioning a SSL certificate for the given hosts. It is a Knative abstraction for various SSL certificate provisioning solutions (such as cert-manager or self-signed SSL certificate). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - dnsNames - - secretName - properties: - dnsNames: - description: DNSNames is a list of DNS names the Certificate could support. The wildcard format of DNSNames (e.g. *.default.example.com) is supported. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret resource to store the SSL certificate in. - type: string - status: - description: 'Status is the current state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - http01Challenges: - description: HTTP01Challenges is a list of HTTP01 challenges that need to be fulfilled in order to get the TLS certificate.. - type: array - items: - description: HTTP01Challenge defines the status of a HTTP01 challenge that a certificate needs to fulfill. - type: object - properties: - serviceName: - description: ServiceName is the name of the service to serve HTTP01 challenge requests. - type: string - serviceNamespace: - description: ServiceNamespace is the namespace of the service to serve HTTP01 challenge requests. - type: string - servicePort: - description: ServicePort is the port of the service to serve HTTP01 challenge requests. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - url: - description: URL is the URL that the HTTP01 challenge is expected to serve on. - type: string - notAfter: - description: The expiration time of the TLS certificate stored in the secret named by this resource in spec.secretName. - type: string - format: date-time - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Certificate - plural: certificates - singular: certificate - categories: - - knative-internal - - networking - shortNames: - - kcert - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: configurations.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Configuration - plural: configurations - singular: configuration - categories: - - all - - knative - - serving - shortNames: - - config - - cfg - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Configuration represents the "floating HEAD" of a linear history of Revisions. Users create new Revisions by updating the Configuration''s spec. The "latest created" revision''s name is available under status, as is the "latest ready" revision''s name. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#configuration' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ConfigurationSpec holds the desired state of the Configuration (from the client). - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: ConfigurationStatus communicates the observed state of the Configuration (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusterdomainclaims.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: ClusterDomainClaim is a cluster-wide reservation for a particular domain name. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ClusterDomainClaim. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - namespace - properties: - namespace: - description: Namespace is the namespace which is allowed to create a DomainMapping using this ClusterDomainClaim's name. - type: string - names: - kind: ClusterDomainClaim - plural: clusterdomainclaims - singular: clusterdomainclaim - categories: - - knative-internal - - networking - shortNames: - - cdc - scope: Cluster - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: domainmappings.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - versions: - - name: v1beta1 - served: true - storage: false - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - "schema": - "openAPIV3Schema": - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: DomainMapping - plural: domainmappings - singular: domainmapping - categories: - - all - - knative - - serving - shortNames: - - dm - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: ingresses.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable URLs, load balance traffic, offer name based virtual hosting, etc. \n This is heavily based on K8s Ingress https://godoc.org/k8s.io/api/networking/v1beta1#Ingress which some highlighted modifications." - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - httpOption: - description: 'HTTPOption is the option of HTTP. It has the following two values: `HTTPOptionEnabled`, `HTTPOptionRedirected`' - type: string - rules: - description: A list of host rules used to configure the Ingress. - type: array - items: - description: IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue. - type: object - properties: - hosts: - description: 'Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the "host" part of the URI as defined in the RFC: 1. IPs are not allowed. Currently a rule value can only apply to the IP in the Spec of the parent . 2. The `:` delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue. If multiple matching Hosts were provided, the first rule will take precedent.' - type: array - items: - type: string - http: - description: HTTP represents a rule to apply against incoming requests. If the rule is satisfied, the request is routed to the specified backend. - type: object - required: - - paths - properties: - paths: - description: "A collection of paths that map requests to backends. \n If they are multiple matching paths, the first match takes precedence." - type: array - items: - description: HTTPIngressPath associates a path regex with a backend. Incoming URLs matching the path are forwarded to the backend. - type: object - required: - - splits - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - headers: - description: Headers defines header matching rules which is a map from a header name to HeaderMatch which specify a matching condition. When a request matched with all the header matching rules, the request is routed by the corresponding ingress rule. If it is empty, the headers are not used for matching - type: object - additionalProperties: - description: HeaderMatch represents a matching value of Headers in HTTPIngressPath. Currently, only the exact matching is supported. - type: object - required: - - exact - properties: - exact: - type: string - path: - description: Path represents a literal prefix to which this rule should apply. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a '/'. If unspecified, the path defaults to a catch all sending traffic to the backend. - type: string - rewriteHost: - description: "RewriteHost rewrites the incoming request's host header. \n This field is currently experimental and not supported by all Ingress implementations." - type: string - splits: - description: Splits defines the referenced service endpoints to which the traffic will be forwarded to. - type: array - items: - description: IngressBackendSplit describes all endpoints for a given service and port. - type: object - required: - - serviceName - - serviceNamespace - - servicePort - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - percent: - description: "Specifies the split percentage, a number between 0 and 100. If only one split is specified, we default to 100. \n NOTE: This differs from K8s Ingress to allow percentage split." - type: integer - serviceName: - description: Specifies the name of the referenced service. - type: string - serviceNamespace: - description: "Specifies the namespace of the referenced service. \n NOTE: This differs from K8s Ingress to allow routing to different namespaces." - type: string - servicePort: - description: Specifies the port of the referenced service. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - visibility: - description: Visibility signifies whether this rule should `ClusterLocal`. If it's not specified then it defaults to `ExternalIP`. - type: string - tls: - description: 'TLS configuration. Currently Ingress only supports a single TLS port: 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.' - type: array - items: - description: IngressTLS describes the transport layer security associated with an Ingress. - type: object - properties: - hosts: - description: Hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret used to terminate SSL traffic. - type: string - secretNamespace: - description: SecretNamespace is the namespace of the secret used to terminate SSL traffic. If not set the namespace should be assumed to be the same as the Ingress. If set the secret should have the same namespace as the Ingress otherwise the behaviour is undefined and not supported. - type: string - status: - description: 'Status is the current state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateLoadBalancer: - description: PrivateLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - publicLoadBalancer: - description: PublicLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: Ingress - plural: ingresses - singular: ingress - categories: - - knative-internal - - networking - shortNames: - - kingress - - king - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: metrics.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: Metric - plural: metrics - singular: metric - categories: - - knative-internal - - autoscaling - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: Metric represents a resource to configure the metric collector with. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Metric (from the client). - type: object - required: - - panicWindow - - scrapeTarget - - stableWindow - properties: - panicWindow: - description: PanicWindow is the aggregation window for metrics where quick reactions are needed. - type: integer - format: int64 - scrapeTarget: - description: ScrapeTarget is the K8s service that publishes the metric endpoint. - type: string - stableWindow: - description: StableWindow is the aggregation window for metrics in a stable state. - type: integer - format: int64 - status: - description: Status communicates the observed state of the Metric (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: podautoscalers.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: PodAutoscaler - plural: podautoscalers - singular: podautoscaler - categories: - - knative-internal - - autoscaling - shortNames: - - kpa - - pa - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: DesiredScale - type: integer - jsonPath: ".status.desiredScale" - - name: ActualScale - type: integer - jsonPath: ".status.actualScale" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'PodAutoscaler is a Knative abstraction that encapsulates the interface by which Knative components instantiate autoscalers. This definition is an abstraction that may be backed by multiple definitions. For more information, see the Knative Pluggability presentation: https://docs.google.com/presentation/d/19vW9HFZ6Puxt31biNZF3uLRejDmu82rxJIk1cWmxF7w/edit' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the PodAutoscaler (from the client). - type: object - required: - - protocolType - - scaleTargetRef - properties: - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means unlimited concurrency. - type: integer - format: int64 - protocolType: - description: The application-layer protocol. Matches `ProtocolType` inferred from the revision spec. - type: string - reachability: - description: Reachability specifies whether or not the `ScaleTargetRef` can be reached (ie. has a route). Defaults to `ReachabilityUnknown` - type: string - scaleTargetRef: - description: ScaleTargetRef defines the /scale-able resource that this PodAutoscaler is responsible for quickly right-sizing. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-map-type: atomic - status: - description: Status communicates the observed state of the PodAutoscaler (from the controller). - type: object - required: - - metricsServiceName - - serviceName - properties: - actualScale: - description: ActualScale shows the actual number of replicas for the revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - desiredScale: - description: DesiredScale shows the current desired number of replicas for the revision. - type: integer - format: int32 - metricsServiceName: - description: MetricsServiceName is the K8s Service name that provides revision metrics. The service is managed by the PA object. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - serviceName: - description: ServiceName is the K8s Service name that serves the revision, scaled by this PA. The service is created and owned by the ServerlessService object owned by this PA. - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: revisions.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - names: - kind: Revision - plural: revisions - singular: revision - categories: - - all - - knative - - serving - shortNames: - - rev - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Config Name - type: string - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configuration']" - - name: K8s Service Name - type: string - jsonPath: ".status.serviceName" - - name: Generation - type: string # int in string form :( - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configurationGeneration']" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - name: Actual Replicas - type: integer - jsonPath: ".status.actualReplicas" - - name: Desired Replicas - type: integer - jsonPath: ".status.desiredReplicas" - schema: - openAPIV3Schema: - description: "Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#revision" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: RevisionStatus communicates the observed state of the Revision (from the controller). - type: object - properties: - actualReplicas: - description: ActualReplicas reflects the amount of ready pods running this revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - containerStatuses: - description: 'ContainerStatuses is a slice of images present in .Spec.Container[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - desiredReplicas: - description: DesiredReplicas reflects the desired amount of pods running this revision. - type: integer - format: int32 - initContainerStatuses: - description: 'InitContainerStatuses is a slice of images present in .Spec.InitContainer[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - logUrl: - description: LogURL specifies the generated logging url for this particular revision based on the revision url template specified in the controller's config. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: routes.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" -spec: - group: serving.knative.dev - names: - kind: Route - plural: routes - singular: route - categories: - - all - - knative - - serving - shortNames: - - rt - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready revision" changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#route' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Route (from the client). - type: object - properties: - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: Status communicates the observed state of the Route (from the controller). - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: serverlessservices.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ServerlessService is a proxy for the K8s service objects containing the endpoints for the revision, whether those are endpoints of the activator or revision pods. See: https://knative.page.link/naxz for details.' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - objectRef - - protocolType - properties: - mode: - description: Mode describes the mode of operation of the ServerlessService. - type: string - numActivators: - description: NumActivators contains number of Activators that this revision should be assigned. O means — assign all. - type: integer - format: int32 - objectRef: - description: ObjectRef defines the resource that this ServerlessService is responsible for making "serverless". - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - x-kubernetes-map-type: atomic - protocolType: - description: The application-layer protocol. Matches `RevisionProtocolType` set on the owning pa/revision. serving imports networking, so just use string. - type: string - status: - description: 'Status is the current state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateServiceName: - description: PrivateServiceName holds the name of a core K8s Service resource that load balances over the user service pods backing this Revision. - type: string - serviceName: - description: ServiceName holds the name of a core K8s Service resource that load balances over the pods backing this Revision (activator or revision). - type: string - additionalPrinterColumns: - - name: Mode - type: string - jsonPath: ".spec.mode" - - name: Activators - type: integer - jsonPath: ".spec.numActivators" - - name: ServiceName - type: string - jsonPath: ".status.serviceName" - - name: PrivateServiceName - type: string - jsonPath: ".status.privateServiceName" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: ServerlessService - plural: serverlessservices - singular: serverlessservice - categories: - - knative-internal - - networking - shortNames: - - sks - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: services.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Service - plural: services - singular: service - categories: - - all - - knative - - serving - shortNames: - - kservice - - ksvc - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: "Service acts as a top-level container that manages a Route and Configuration which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets), and its usage is optional but recommended. \n The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceSpec represents the configuration for the Service object. A Service's specification is the union of the specifications for a Route and Configuration. The Service restricts what can be expressed in these fields, e.g. the Route must reference the provided Configuration; however, these limitations also enable friendlier defaulting, e.g. Route never needs a Configuration name, and may be defaulted to the appropriate "run latest" spec. - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: ServiceStatus represents the Status stanza of the Service resource. - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: images.caching.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" -spec: - group: caching.internal.knative.dev - names: - kind: Image - plural: images - singular: image - categories: - - knative-internal - - caching - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Image is a Knative abstraction that encapsulates the interface by which Knative components express a desire to have a particular image cached. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Image (from the client). - type: object - required: - - image - properties: - image: - description: Image is the name of the container image url to cache across the cluster. - type: string - imagePullSecrets: - description: ImagePullSecrets contains the names of the Kubernetes Secrets containing login information used by the Pods which will run this container. - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount as which the Pods will run this container. This is potentially used to authenticate the image pull if the service account has attached pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' - type: string - status: - description: Status communicates the observed state of the Image (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Image - type: string - jsonPath: .spec.image - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.0/2-serving-core.yaml b/cmd/operator/kodata/knative-serving/1.8.0/2-serving-core.yaml deleted file mode 100644 index 0f06cac352..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.0/2-serving-core.yaml +++ /dev/null @@ -1,6917 +0,0 @@ -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Namespace -metadata: - name: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "Addressables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - # Named like this to avoid clashing with eventing's existing `addressable-resolver` role - # (which should be identical, but isn't guaranteed to be installed alongside serving). - name: knative-serving-aggregated-addressable-resolver - labels: - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-serving -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/addressable: "true" ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-addressable-resolver - labels: - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-serving - # Labeled to facilitate aggregated cluster roles that act on Addressables. - duck.knative.dev/addressable: "true" -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - serving.knative.dev - resources: - - routes - - routes/status - - services - - services/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-namespaced-admin - labels: - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: ["serving.knative.dev"] - resources: ["*"] - verbs: ["*"] - - apiGroups: ["networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-namespaced-edit - labels: - rbac.authorization.k8s.io/aggregate-to-edit: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: ["serving.knative.dev"] - resources: ["*"] - verbs: ["create", "update", "patch", "delete"] - - apiGroups: ["networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-namespaced-view - labels: - rbac.authorization.k8s.io/aggregate-to-view: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: ["serving.knative.dev", "networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-core - labels: - serving.knative.dev/controller: "true" - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: [""] - resources: ["pods", "namespaces", "secrets", "configmaps", "endpoints", "services", "events", "serviceaccounts"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: [""] - resources: ["endpoints/restricted"] # Permission for RestrictedEndpointsAdmission - verbs: ["create"] - - apiGroups: [""] - resources: ["namespaces/finalizers"] # finalizers are needed for the owner reference of the webhook - verbs: ["update"] - - apiGroups: ["apps"] - resources: ["deployments", "deployments/finalizers"] # finalizers are needed for the owner reference of the webhook - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["admissionregistration.k8s.io"] - resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions", "customresourcedefinitions/status"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["autoscaling"] - resources: ["horizontalpodautoscalers"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["serving.knative.dev", "autoscaling.internal.knative.dev", "networking.internal.knative.dev"] - resources: ["*", "*/status", "*/finalizers"] - verbs: ["get", "list", "create", "update", "delete", "deletecollection", "patch", "watch"] - - apiGroups: ["caching.internal.knative.dev"] - resources: ["images"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-podspecable-binding - labels: - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-serving - # Labeled to facilitate aggregated cluster roles that act on PodSpecables. - duck.knative.dev/podspecable: "true" -# Do not use this role directly. These rules will be added to the "podspecable-binder" role. -rules: - - apiGroups: - - serving.knative.dev - resources: - - configurations - - services - verbs: - - list - - watch - - patch - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: controller - namespace: knative-serving - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-admin - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" -aggregationRule: - clusterRoleSelectors: - - matchLabels: - serving.knative.dev/controller: "true" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-serving-controller-admin - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" -subjects: - - kind: ServiceAccount - name: controller - namespace: knative-serving -roleRef: - kind: ClusterRole - name: knative-serving-admin - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-serving-controller-addressable-resolver - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" -subjects: - - kind: ServiceAccount - name: controller - namespace: knative-serving -roleRef: - kind: ClusterRole - name: knative-serving-aggregated-addressable-resolver - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: images.caching.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" -spec: - group: caching.internal.knative.dev - names: - kind: Image - plural: images - singular: image - categories: - - knative-internal - - caching - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Image is a Knative abstraction that encapsulates the interface by which Knative components express a desire to have a particular image cached. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Image (from the client). - type: object - required: - - image - properties: - image: - description: Image is the name of the container image url to cache across the cluster. - type: string - imagePullSecrets: - description: ImagePullSecrets contains the names of the Kubernetes Secrets containing login information used by the Pods which will run this container. - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount as which the Pods will run this container. This is potentially used to authenticate the image pull if the service account has attached pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' - type: string - status: - description: Status communicates the observed state of the Image (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Image - type: string - jsonPath: .spec.image - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: certificates.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Certificate is responsible for provisioning a SSL certificate for the given hosts. It is a Knative abstraction for various SSL certificate provisioning solutions (such as cert-manager or self-signed SSL certificate). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - dnsNames - - secretName - properties: - dnsNames: - description: DNSNames is a list of DNS names the Certificate could support. The wildcard format of DNSNames (e.g. *.default.example.com) is supported. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret resource to store the SSL certificate in. - type: string - status: - description: 'Status is the current state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - http01Challenges: - description: HTTP01Challenges is a list of HTTP01 challenges that need to be fulfilled in order to get the TLS certificate.. - type: array - items: - description: HTTP01Challenge defines the status of a HTTP01 challenge that a certificate needs to fulfill. - type: object - properties: - serviceName: - description: ServiceName is the name of the service to serve HTTP01 challenge requests. - type: string - serviceNamespace: - description: ServiceNamespace is the namespace of the service to serve HTTP01 challenge requests. - type: string - servicePort: - description: ServicePort is the port of the service to serve HTTP01 challenge requests. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - url: - description: URL is the URL that the HTTP01 challenge is expected to serve on. - type: string - notAfter: - description: The expiration time of the TLS certificate stored in the secret named by this resource in spec.secretName. - type: string - format: date-time - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Certificate - plural: certificates - singular: certificate - categories: - - knative-internal - - networking - shortNames: - - kcert - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: configurations.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Configuration - plural: configurations - singular: configuration - categories: - - all - - knative - - serving - shortNames: - - config - - cfg - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Configuration represents the "floating HEAD" of a linear history of Revisions. Users create new Revisions by updating the Configuration''s spec. The "latest created" revision''s name is available under status, as is the "latest ready" revision''s name. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#configuration' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ConfigurationSpec holds the desired state of the Configuration (from the client). - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: ConfigurationStatus communicates the observed state of the Configuration (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusterdomainclaims.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: ClusterDomainClaim is a cluster-wide reservation for a particular domain name. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ClusterDomainClaim. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - namespace - properties: - namespace: - description: Namespace is the namespace which is allowed to create a DomainMapping using this ClusterDomainClaim's name. - type: string - names: - kind: ClusterDomainClaim - plural: clusterdomainclaims - singular: clusterdomainclaim - categories: - - knative-internal - - networking - shortNames: - - cdc - scope: Cluster - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: domainmappings.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - versions: - - name: v1beta1 - served: true - storage: false - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - "schema": - "openAPIV3Schema": - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: DomainMapping - plural: domainmappings - singular: domainmapping - categories: - - all - - knative - - serving - shortNames: - - dm - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: ingresses.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable URLs, load balance traffic, offer name based virtual hosting, etc. \n This is heavily based on K8s Ingress https://godoc.org/k8s.io/api/networking/v1beta1#Ingress which some highlighted modifications." - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - httpOption: - description: 'HTTPOption is the option of HTTP. It has the following two values: `HTTPOptionEnabled`, `HTTPOptionRedirected`' - type: string - rules: - description: A list of host rules used to configure the Ingress. - type: array - items: - description: IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue. - type: object - properties: - hosts: - description: 'Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the "host" part of the URI as defined in the RFC: 1. IPs are not allowed. Currently a rule value can only apply to the IP in the Spec of the parent . 2. The `:` delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue. If multiple matching Hosts were provided, the first rule will take precedent.' - type: array - items: - type: string - http: - description: HTTP represents a rule to apply against incoming requests. If the rule is satisfied, the request is routed to the specified backend. - type: object - required: - - paths - properties: - paths: - description: "A collection of paths that map requests to backends. \n If they are multiple matching paths, the first match takes precedence." - type: array - items: - description: HTTPIngressPath associates a path regex with a backend. Incoming URLs matching the path are forwarded to the backend. - type: object - required: - - splits - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - headers: - description: Headers defines header matching rules which is a map from a header name to HeaderMatch which specify a matching condition. When a request matched with all the header matching rules, the request is routed by the corresponding ingress rule. If it is empty, the headers are not used for matching - type: object - additionalProperties: - description: HeaderMatch represents a matching value of Headers in HTTPIngressPath. Currently, only the exact matching is supported. - type: object - required: - - exact - properties: - exact: - type: string - path: - description: Path represents a literal prefix to which this rule should apply. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a '/'. If unspecified, the path defaults to a catch all sending traffic to the backend. - type: string - rewriteHost: - description: "RewriteHost rewrites the incoming request's host header. \n This field is currently experimental and not supported by all Ingress implementations." - type: string - splits: - description: Splits defines the referenced service endpoints to which the traffic will be forwarded to. - type: array - items: - description: IngressBackendSplit describes all endpoints for a given service and port. - type: object - required: - - serviceName - - serviceNamespace - - servicePort - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - percent: - description: "Specifies the split percentage, a number between 0 and 100. If only one split is specified, we default to 100. \n NOTE: This differs from K8s Ingress to allow percentage split." - type: integer - serviceName: - description: Specifies the name of the referenced service. - type: string - serviceNamespace: - description: "Specifies the namespace of the referenced service. \n NOTE: This differs from K8s Ingress to allow routing to different namespaces." - type: string - servicePort: - description: Specifies the port of the referenced service. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - visibility: - description: Visibility signifies whether this rule should `ClusterLocal`. If it's not specified then it defaults to `ExternalIP`. - type: string - tls: - description: 'TLS configuration. Currently Ingress only supports a single TLS port: 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.' - type: array - items: - description: IngressTLS describes the transport layer security associated with an Ingress. - type: object - properties: - hosts: - description: Hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret used to terminate SSL traffic. - type: string - secretNamespace: - description: SecretNamespace is the namespace of the secret used to terminate SSL traffic. If not set the namespace should be assumed to be the same as the Ingress. If set the secret should have the same namespace as the Ingress otherwise the behaviour is undefined and not supported. - type: string - status: - description: 'Status is the current state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateLoadBalancer: - description: PrivateLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - publicLoadBalancer: - description: PublicLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: Ingress - plural: ingresses - singular: ingress - categories: - - knative-internal - - networking - shortNames: - - kingress - - king - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: metrics.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: Metric - plural: metrics - singular: metric - categories: - - knative-internal - - autoscaling - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: Metric represents a resource to configure the metric collector with. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Metric (from the client). - type: object - required: - - panicWindow - - scrapeTarget - - stableWindow - properties: - panicWindow: - description: PanicWindow is the aggregation window for metrics where quick reactions are needed. - type: integer - format: int64 - scrapeTarget: - description: ScrapeTarget is the K8s service that publishes the metric endpoint. - type: string - stableWindow: - description: StableWindow is the aggregation window for metrics in a stable state. - type: integer - format: int64 - status: - description: Status communicates the observed state of the Metric (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: podautoscalers.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: PodAutoscaler - plural: podautoscalers - singular: podautoscaler - categories: - - knative-internal - - autoscaling - shortNames: - - kpa - - pa - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: DesiredScale - type: integer - jsonPath: ".status.desiredScale" - - name: ActualScale - type: integer - jsonPath: ".status.actualScale" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'PodAutoscaler is a Knative abstraction that encapsulates the interface by which Knative components instantiate autoscalers. This definition is an abstraction that may be backed by multiple definitions. For more information, see the Knative Pluggability presentation: https://docs.google.com/presentation/d/19vW9HFZ6Puxt31biNZF3uLRejDmu82rxJIk1cWmxF7w/edit' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the PodAutoscaler (from the client). - type: object - required: - - protocolType - - scaleTargetRef - properties: - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means unlimited concurrency. - type: integer - format: int64 - protocolType: - description: The application-layer protocol. Matches `ProtocolType` inferred from the revision spec. - type: string - reachability: - description: Reachability specifies whether or not the `ScaleTargetRef` can be reached (ie. has a route). Defaults to `ReachabilityUnknown` - type: string - scaleTargetRef: - description: ScaleTargetRef defines the /scale-able resource that this PodAutoscaler is responsible for quickly right-sizing. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-map-type: atomic - status: - description: Status communicates the observed state of the PodAutoscaler (from the controller). - type: object - required: - - metricsServiceName - - serviceName - properties: - actualScale: - description: ActualScale shows the actual number of replicas for the revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - desiredScale: - description: DesiredScale shows the current desired number of replicas for the revision. - type: integer - format: int32 - metricsServiceName: - description: MetricsServiceName is the K8s Service name that provides revision metrics. The service is managed by the PA object. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - serviceName: - description: ServiceName is the K8s Service name that serves the revision, scaled by this PA. The service is created and owned by the ServerlessService object owned by this PA. - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: revisions.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - names: - kind: Revision - plural: revisions - singular: revision - categories: - - all - - knative - - serving - shortNames: - - rev - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Config Name - type: string - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configuration']" - - name: K8s Service Name - type: string - jsonPath: ".status.serviceName" - - name: Generation - type: string # int in string form :( - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configurationGeneration']" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - name: Actual Replicas - type: integer - jsonPath: ".status.actualReplicas" - - name: Desired Replicas - type: integer - jsonPath: ".status.desiredReplicas" - schema: - openAPIV3Schema: - description: "Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#revision" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: RevisionStatus communicates the observed state of the Revision (from the controller). - type: object - properties: - actualReplicas: - description: ActualReplicas reflects the amount of ready pods running this revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - containerStatuses: - description: 'ContainerStatuses is a slice of images present in .Spec.Container[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - desiredReplicas: - description: DesiredReplicas reflects the desired amount of pods running this revision. - type: integer - format: int32 - initContainerStatuses: - description: 'InitContainerStatuses is a slice of images present in .Spec.InitContainer[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - logUrl: - description: LogURL specifies the generated logging url for this particular revision based on the revision url template specified in the controller's config. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: routes.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" -spec: - group: serving.knative.dev - names: - kind: Route - plural: routes - singular: route - categories: - - all - - knative - - serving - shortNames: - - rt - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready revision" changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#route' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Route (from the client). - type: object - properties: - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: Status communicates the observed state of the Route (from the controller). - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: serverlessservices.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ServerlessService is a proxy for the K8s service objects containing the endpoints for the revision, whether those are endpoints of the activator or revision pods. See: https://knative.page.link/naxz for details.' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - objectRef - - protocolType - properties: - mode: - description: Mode describes the mode of operation of the ServerlessService. - type: string - numActivators: - description: NumActivators contains number of Activators that this revision should be assigned. O means — assign all. - type: integer - format: int32 - objectRef: - description: ObjectRef defines the resource that this ServerlessService is responsible for making "serverless". - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - x-kubernetes-map-type: atomic - protocolType: - description: The application-layer protocol. Matches `RevisionProtocolType` set on the owning pa/revision. serving imports networking, so just use string. - type: string - status: - description: 'Status is the current state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateServiceName: - description: PrivateServiceName holds the name of a core K8s Service resource that load balances over the user service pods backing this Revision. - type: string - serviceName: - description: ServiceName holds the name of a core K8s Service resource that load balances over the pods backing this Revision (activator or revision). - type: string - additionalPrinterColumns: - - name: Mode - type: string - jsonPath: ".spec.mode" - - name: Activators - type: integer - jsonPath: ".spec.numActivators" - - name: ServiceName - type: string - jsonPath: ".status.serviceName" - - name: PrivateServiceName - type: string - jsonPath: ".status.privateServiceName" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: ServerlessService - plural: serverlessservices - singular: serverlessservice - categories: - - knative-internal - - networking - shortNames: - - sks - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: services.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Service - plural: services - singular: service - categories: - - all - - knative - - serving - shortNames: - - kservice - - ksvc - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: "Service acts as a top-level container that manages a Route and Configuration which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets), and its usage is optional but recommended. \n The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceSpec represents the configuration for the Service object. A Service's specification is the union of the specifications for a Route and Configuration. The Service restricts what can be expressed in these fields, e.g. the Route must reference the provided Configuration; however, these limitations also enable friendlier defaulting, e.g. Route never needs a Configuration name, and may be defaulted to the appropriate "run latest" spec. - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: ServiceStatus represents the Status stanza of the Service resource. - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2022 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - # Do not drop -ctrl-ca suffix as control-protocol requires it. - # https://github.com/knative-sandbox/control-protocol/blob/main/pkg/certificates/reconciler/controller.go - name: serving-certs-ctrl-ca - namespace: knative-serving - -# The data is populated when internal-encryption is enabled. ---- -apiVersion: v1 -kind: Secret -metadata: - name: knative-serving-certs - namespace: knative-serving - labels: - serving-certs-ctrl: "data-plane" - networking.internal.knative.dev/certificate-uid: "serving-certs" -# The data is populated when internal-encryption is enabled. - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: caching.internal.knative.dev/v1alpha1 -kind: Image -metadata: - name: queue-proxy - namespace: knative-serving - labels: - app.kubernetes.io/component: queue-proxy - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" -spec: - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/queue@sha256:505179c0c4892ea4a70e78bc52ac21b03cd7f1a763d2ecc78e7bbaa1ae59c86c - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-autoscaler - namespace: knative-serving - labels: - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - annotations: - knative.dev/example-checksum: "47c2487f" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # The Revision ContainerConcurrency field specifies the maximum number - # of requests the Container can handle at once. Container concurrency - # target percentage is how much of that maximum to use in a stable - # state. E.g. if a Revision specifies ContainerConcurrency of 10, then - # the Autoscaler will try to maintain 7 concurrent connections per pod - # on average. - # Note: this limit will be applied to container concurrency set at every - # level (ConfigMap, Revision Spec or Annotation). - # For legacy and backwards compatibility reasons, this value also accepts - # fractional values in (0, 1] interval (i.e. 0.7 ⇒ 70%). - # Thus minimal percentage value must be greater than 1.0, or it will be - # treated as a fraction. - # NOTE: that this value does not affect actual number of concurrent requests - # the user container may receive, but only the average number of requests - # that the revision pods will receive. - container-concurrency-target-percentage: "70" - - # The container concurrency target default is what the Autoscaler will - # try to maintain when concurrency is used as the scaling metric for the - # Revision and the Revision specifies unlimited concurrency. - # When revision explicitly specifies container concurrency, that value - # will be used as a scaling target for autoscaler. - # When specifying unlimited concurrency, the autoscaler will - # horizontally scale the application based on this target concurrency. - # This is what we call "soft limit" in the documentation, i.e. it only - # affects number of pods and does not affect the number of requests - # individual pod processes. - # The value must be a positive number such that the value multiplied - # by container-concurrency-target-percentage is greater than 0.01. - # NOTE: that this value will be adjusted by application of - # container-concurrency-target-percentage, i.e. by default - # the system will target on average 70 concurrent requests - # per revision pod. - # NOTE: Only one metric can be used for autoscaling a Revision. - container-concurrency-target-default: "100" - - # The requests per second (RPS) target default is what the Autoscaler will - # try to maintain when RPS is used as the scaling metric for a Revision and - # the Revision specifies unlimited RPS. Even when specifying unlimited RPS, - # the autoscaler will horizontally scale the application based on this - # target RPS. - # Must be greater than 1.0. - # NOTE: Only one metric can be used for autoscaling a Revision. - requests-per-second-target-default: "200" - - # The target burst capacity specifies the size of burst in concurrent - # requests that the system operator expects the system will receive. - # Autoscaler will try to protect the system from queueing by introducing - # Activator in the request path if the current spare capacity of the - # service is less than this setting. - # If this setting is 0, then Activator will be in the request path only - # when the revision is scaled to 0. - # If this setting is > 0 and container-concurrency-target-percentage is - # 100% or 1.0, then activator will always be in the request path. - # -1 denotes unlimited target-burst-capacity and activator will always - # be in the request path. - # Other negative values are invalid. - target-burst-capacity: "211" - - # When operating in a stable mode, the autoscaler operates on the - # average concurrency over the stable window. - # Stable window must be in whole seconds. - stable-window: "60s" - - # When observed average concurrency during the panic window reaches - # panic-threshold-percentage the target concurrency, the autoscaler - # enters panic mode. When operating in panic mode, the autoscaler - # scales on the average concurrency over the panic window which is - # panic-window-percentage of the stable-window. - # Must be in the [1, 100] range. - # When computing the panic window it will be rounded to the closest - # whole second, at least 1s. - panic-window-percentage: "10.0" - - # The percentage of the container concurrency target at which to - # enter panic mode when reached within the panic window. - panic-threshold-percentage: "200.0" - - # Max scale up rate limits the rate at which the autoscaler will - # increase pod count. It is the maximum ratio of desired pods versus - # observed pods. - # Cannot be less or equal to 1. - # I.e with value of 2.0 the number of pods can at most go N to 2N - # over single Autoscaler period (2s), but at least N to - # N+1, if Autoscaler needs to scale up. - max-scale-up-rate: "1000.0" - - # Max scale down rate limits the rate at which the autoscaler will - # decrease pod count. It is the maximum ratio of observed pods versus - # desired pods. - # Cannot be less or equal to 1. - # I.e. with value of 2.0 the number of pods can at most go N to N/2 - # over single Autoscaler evaluation period (2s), but at - # least N to N-1, if Autoscaler needs to scale down. - max-scale-down-rate: "2.0" - - # Scale to zero feature flag. - enable-scale-to-zero: "true" - - # Scale to zero grace period is the time an inactive revision is left - # running before it is scaled to zero (must be positive, but recommended - # at least a few seconds if running with mesh networking). - # This is the upper limit and is provided not to enforce timeout after - # the revision stopped receiving requests for stable window, but to - # ensure network reprogramming to put activator in the path has completed. - # If the system determines that a shorter period is satisfactory, - # then the system will only wait that amount of time before scaling to 0. - # NOTE: this period might actually be 0, if activator has been - # in the request path sufficiently long. - # If there is necessity for the last pod to linger longer use - # scale-to-zero-pod-retention-period flag. - scale-to-zero-grace-period: "30s" - - # Scale to zero pod retention period defines the minimum amount - # of time the last pod will remain after Autoscaler has decided to - # scale to zero. - # This flag is for the situations where the pod startup is very expensive - # and the traffic is bursty (requiring smaller windows for fast action), - # but patchy. - # The larger of this flag and `scale-to-zero-grace-period` will effectively - # determine how the last pod will hang around. - scale-to-zero-pod-retention-period: "0s" - - # pod-autoscaler-class specifies the default pod autoscaler class - # that should be used if none is specified. If omitted, - # the Knative Pod Autoscaler (KPA) is used by default. - pod-autoscaler-class: "kpa.autoscaling.knative.dev" - - # The capacity of a single activator task. - # The `unit` is one concurrent request proxied by the activator. - # activator-capacity must be at least 1. - # This value is used for computation of the Activator subset size. - # See the algorithm here: http://bit.ly/38XiCZ3. - # TODO(vagababov): tune after actual benchmarking. - activator-capacity: "100.0" - - # initial-scale is the cluster-wide default value for the initial target - # scale of a revision after creation, unless overridden by the - # "autoscaling.knative.dev/initialScale" annotation. - # This value must be greater than 0 unless allow-zero-initial-scale is true. - initial-scale: "1" - - # allow-zero-initial-scale controls whether either the cluster-wide initial-scale flag, - # or the "autoscaling.knative.dev/initialScale" annotation, can be set to 0. - allow-zero-initial-scale: "false" - - # min-scale is the cluster-wide default value for the min scale of a revision, - # unless overridden by the "autoscaling.knative.dev/minScale" annotation. - min-scale: "0" - - # max-scale is the cluster-wide default value for the max scale of a revision, - # unless overridden by the "autoscaling.knative.dev/maxScale" annotation. - # If set to 0, the revision has no maximum scale. - max-scale: "0" - - # scale-down-delay is the amount of time that must pass at reduced - # concurrency before a scale down decision is applied. This can be useful, - # for example, to maintain replica count and avoid a cold start penalty if - # more requests come in within the scale down delay period. - # The default, 0s, imposes no delay at all. - scale-down-delay: "0s" - - # max-scale-limit sets the maximum permitted value for the max scale of a revision. - # When this is set to a positive value, a revision with a maxScale above that value - # (including a maxScale of "0" = unlimited) is disallowed. - # A value of zero (the default) allows any limit, including unlimited. - max-scale-limit: "0" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-defaults - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.0" - annotations: - knative.dev/example-checksum: "e7973912" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # revision-timeout-seconds contains the default number of - # seconds to use for the revision's per-request timeout, if - # none is specified. - revision-timeout-seconds: "300" # 5 minutes - - # max-revision-timeout-seconds contains the maximum number of - # seconds that can be used for revision-timeout-seconds. - # This value must be greater than or equal to revision-timeout-seconds. - # If omitted, the system default is used (600 seconds). - # - # If this value is increased, the activator's terminationGraceTimeSeconds - # should also be increased to prevent in-flight requests being disrupted. - max-revision-timeout-seconds: "600" # 10 minutes - - # revision-response-start-timeout-seconds contains the default number of - # seconds a request will be allowed to stay open while waiting to - # receive any bytes from the user's application, if none is specified. - # - # This defaults to 'revision-timeout-seconds' - revision-response-start-timeout-seconds: "300" - - # revision-idle-timeout-seconds contains the default number of - # seconds a request will be allowed to stay open while not receiving any - # bytes from the user's application, if none is specified. - revision-idle-timeout-seconds: "0" # infinite - - # revision-cpu-request contains the cpu allocation to assign - # to revisions by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-cpu-request. - # By default, it is not set by Knative. - revision-cpu-request: "400m" # 0.4 of a CPU (aka 400 milli-CPU) - - # revision-memory-request contains the memory allocation to assign - # to revisions by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-memory-request. - # By default, it is not set by Knative. - revision-memory-request: "100M" # 100 megabytes of memory - - # revision-ephemeral-storage-request contains the ephemeral storage - # allocation to assign to revisions by default. If omitted, no value is - # specified and the system default is used. - revision-ephemeral-storage-request: "500M" # 500 megabytes of storage - - # revision-cpu-limit contains the cpu allocation to limit - # revisions to by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-cpu-limit. - # By default, it is not set by Knative. - revision-cpu-limit: "1000m" # 1 CPU (aka 1000 milli-CPU) - - # revision-memory-limit contains the memory allocation to limit - # revisions to by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-memory-limit. - # By default, it is not set by Knative. - revision-memory-limit: "200M" # 200 megabytes of memory - - # revision-ephemeral-storage-limit contains the ephemeral storage - # allocation to limit revisions to by default. If omitted, no value is - # specified and the system default is used. - revision-ephemeral-storage-limit: "750M" # 750 megabytes of storage - - # container-name-template contains a template for the default - # container name, if none is specified. This field supports - # Go templating and is supplied with the ObjectMeta of the - # enclosing Service or Configuration, so values such as - # {{.Name}} are also valid. - container-name-template: "user-container" - - # init-container-name-template contains a template for the default - # init container name, if none is specified. This field supports - # Go templating and is supplied with the ObjectMeta of the - # enclosing Service or Configuration, so values such as - # {{.Name}} are also valid. - init-container-name-template: "init-container" - - # container-concurrency specifies the maximum number - # of requests the Container can handle at once, and requests - # above this threshold are queued. Setting a value of zero - # disables this throttling and lets through as many requests as - # the pod receives. - container-concurrency: "0" - - # The container concurrency max limit is an operator setting ensuring that - # the individual revisions cannot have arbitrary large concurrency - # values, or autoscaling targets. `container-concurrency` default setting - # must be at or below this value. - # - # Must be greater than 1. - # - # Note: even with this set, a user can choose a containerConcurrency - # of 0 (i.e. unbounded) unless allow-container-concurrency-zero is - # set to "false". - container-concurrency-max-limit: "1000" - - # allow-container-concurrency-zero controls whether users can - # specify 0 (i.e. unbounded) for containerConcurrency. - allow-container-concurrency-zero: "true" - - # enable-service-links specifies the default value used for the - # enableServiceLinks field of the PodSpec, when it is omitted by the user. - # See: https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#accessing-the-service - # - # This is a tri-state flag with possible values of (true|false|default). - # - # In environments with large number of services it is suggested - # to set this value to `false`. - # See https://github.com/knative/serving/issues/8498. - enable-service-links: "false" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-deployment - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.0" - annotations: - knative.dev/example-checksum: "dd7ee769" -data: - # This is the Go import path for the binary that is containerized - # and substituted here. - queue-sidecar-image: gcr.io/knative-releases/knative.dev/serving/cmd/queue@sha256:505179c0c4892ea4a70e78bc52ac21b03cd7f1a763d2ecc78e7bbaa1ae59c86c - _example: |- - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # List of repositories for which tag to digest resolving should be skipped - registries-skipping-tag-resolving: "kind.local,ko.local,dev.local" - - # Maximum time allowed for an image's digests to be resolved. - digest-resolution-timeout: "10s" - - # Duration we wait for the deployment to be ready before considering it failed. - progress-deadline: "600s" - - # Sets the queue proxy's CPU request. - # If omitted, a default value (currently "25m"), is used. - queue-sidecar-cpu-request: "25m" - - # Sets the queue proxy's CPU limit. - # If omitted, no value is specified and the system default is used. - queue-sidecar-cpu-limit: "1000m" - - # Sets the queue proxy's memory request. - # If omitted, no value is specified and the system default is used. - queue-sidecar-memory-request: "400Mi" - - # Sets the queue proxy's memory limit. - # If omitted, no value is specified and the system default is used. - queue-sidecar-memory-limit: "800Mi" - - # Sets the queue proxy's ephemeral storage request. - # If omitted, no value is specified and the system default is used. - queue-sidecar-ephemeral-storage-request: "512Mi" - - # Sets the queue proxy's ephemeral storage limit. - # If omitted, no value is specified and the system default is used. - queue-sidecar-ephemeral-storage-limit: "1024Mi" - - # The freezer service endpoint that queue-proxy calls when its traffic drops to zero or - # scales up from zero. - # - # Freezer service is available at: https://github.com/knative-sandbox/container-freezer - # or users may write their own service. - # - # The value will need to include both the host and the port that will be accessed. - # For the host, $HOST_IP can be passed, and the appropriate host IP value will be swapped - # in at runtime, which will enable the freezer daemonset to be reachable via the node IP. - # - # As an example: - # concurrency-state-endpoint: "http://$HOST_IP:9696" - # - # If not set, queue proxy takes no action (this is the default behavior). - # - # When enabled, a serviceAccountToken will be mounted to queue-proxy using - # a projected volume. This requires the Service Account Token Volume Projection feature - # to be enabled. For details, see this link: - # https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection - # - # NOTE THAT THIS IS AN EXPERIMENTAL / ALPHA FEATURE - concurrency-state-endpoint: "" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-domain - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.0" - annotations: - knative.dev/example-checksum: "26c09de5" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Default value for domain. - # Routes having the cluster domain suffix (by default 'svc.cluster.local') - # will not be exposed through Ingress. You can define your own label - # selector to assign that domain suffix to your Route here, or you can set - # the label - # "networking.knative.dev/visibility=cluster-local" - # to achieve the same effect. This shows how to make routes having - # the label app=secret only exposed to the local cluster. - svc.cluster.local: | - selector: - app: secret - - # These are example settings of domain. - # example.com will be used for all routes, but it is the least-specific rule so it - # will only be used if no other domain matches. - example.com: | - - # example.org will be used for routes having app=nonprofit. - example.org: | - selector: - app: nonprofit - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-features - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.0" - annotations: - knative.dev/example-checksum: "691a192e" -data: - _example: |- - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Indicates whether multi container support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#multi-containers - multi-container: "enabled" - - # Indicates whether Kubernetes affinity support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-node-affinity - kubernetes.podspec-affinity: "disabled" - - # Indicates whether Kubernetes topologySpreadConstraints support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-topology-spread-constraints - kubernetes.podspec-topologyspreadconstraints: "disabled" - - # Indicates whether Kubernetes hostAliases support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-host-aliases - kubernetes.podspec-hostaliases: "disabled" - - # Indicates whether Kubernetes nodeSelector support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-node-selector - kubernetes.podspec-nodeselector: "disabled" - - # Indicates whether Kubernetes tolerations support is enabled - # - # WARNING: Cannot safely be disabled once enabled - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-toleration - kubernetes.podspec-tolerations: "disabled" - - # Indicates whether Kubernetes FieldRef support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-fieldref - kubernetes.podspec-fieldref: "disabled" - - # Indicates whether Kubernetes RuntimeClassName support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-runtime-class - kubernetes.podspec-runtimeclassname: "disabled" - - # Indicates whether Kubernetes DNSPolicy support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-dnspolicy - kubernetes.podspec-dnspolicy: "disabled" - - # Indicates whether Kubernetes DNSConfig support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-dnsconfig - kubernetes.podspec-dnsconfig: "disabled" - - # This feature allows end-users to set a subset of fields on the Pod's SecurityContext - # - # When set to "enabled" or "allowed" it allows the following - # PodSecurityContext properties: - # - FSGroup - # - RunAsGroup - # - RunAsNonRoot - # - SupplementalGroups - # - RunAsUser - # - SeccompProfile - # - # This feature flag should be used with caution as the PodSecurityContext - # properties may have a side-effect on non-user sidecar containers that come - # from Knative or your service mesh - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-security-context - kubernetes.podspec-securitycontext: "disabled" - - # Indicates whether Kubernetes PriorityClassName support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-priority-class-name - kubernetes.podspec-priorityclassname: "disabled" - - # Indicates whether Kubernetes SchedulerName support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-scheduler-name - kubernetes.podspec-schedulername: "disabled" - - # This feature flag allows end-users to add a subset of capabilities on the Pod's SecurityContext. - # - # When set to "enabled" or "allowed" it allows capabilities to be added to the container. - # For a list of possible capabilities, see https://man7.org/linux/man-pages/man7/capabilities.7.html - kubernetes.containerspec-addcapabilities: "disabled" - - # This feature validates PodSpecs from the validating webhook - # against the K8s API Server. - # - # When "enabled", the server will always run the extra validation. - # When "allowed", the server will not run the dry-run validation by default. - # However, clients may enable the behavior on an individual Service by - # attaching the following metadata annotation: "features.knative.dev/podspec-dryrun":"enabled". - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-dry-run - kubernetes.podspec-dryrun: "allowed" - - # Controls whether tag header based routing feature are enabled or not. - # 1. Enabled: enabling tag header based routing - # 2. Disabled: disabling tag header based routing - # See: https://knative.dev/docs/serving/feature-flags/#tag-header-based-routing - tag-header-based-routing: "disabled" - - # Controls whether http2 auto-detection should be enabled or not. - # 1. Enabled: http2 connection will be attempted via upgrade. - # 2. Disabled: http2 connection will only be attempted when port name is set to "h2c". - autodetect-http2: "disabled" - - # Controls whether volume support for EmptyDir is enabled or not. - # 1. Enabled: enabling EmptyDir volume support - # 2. Disabled: disabling EmptyDir volume support - kubernetes.podspec-volumes-emptydir: "enabled" - - # Controls whether init containers support is enabled or not. - # 1. Enabled: enabling init containers support - # 2. Disabled: disabling init containers support - kubernetes.podspec-init-containers: "disabled" - - # Controls whether persistent volume claim support is enabled or not. - # 1. Enabled: enabling persistent volume claim support - # 2. Disabled: disabling persistent volume claim support - kubernetes.podspec-persistent-volume-claim: "disabled" - - # Controls whether write access for persistent volumes is enabled or not. - # 1. Enabled: enabling write access for persistent volumes - # 2. Disabled: disabling write access for persistent volumes - kubernetes.podspec-persistent-volume-write: "disabled" - - # Controls if the queue proxy podInfo feature is enabled, allowed or disabled - # - # This feature should be enabled/allowed when using queue proxy Options (Extensions) - # Enabling will mount a podInfo volume to the queue proxy container. - # The volume will contains an 'annotations' file (from the pod's annotation field). - # The annotations in this file include the Service annotations set by the client creating the service. - # If mounted, the annotations can be accessed by queue proxy extensions at /etc/podinfo/annnotations - # - # 1. "enabled": always mount a podInfo volume - # 2. "disabled": never mount a podInfo volume - # 3. "allowed": by default, do not mount a podInfo volume - # However, a client may mount the podInfo volume on an individual Service by attaching - # the following metadata annotation to the Service: "features.knative.dev/queueproxy-podinfo":"enabled". - # - # NOTE THAT THIS IS AN EXPERIMENTAL / ALPHA FEATURE - queueproxy.mount-podinfo: "disabled" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-gc - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.0" - annotations: - knative.dev/example-checksum: "aa3813a8" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # --------------------------------------- - # Garbage Collector Settings - # --------------------------------------- - # - # Active - # * Revisions which are referenced by a Route are considered active. - # * Individual revisions may be marked with the annotation - # "serving.knative.dev/no-gc":"true" to be permanently considered active. - # * Active revisions are not considered for GC. - # Retention - # * Revisions are retained if they are any of the following: - # 1. Active - # 2. Were created within "retain-since-create-time" - # 3. Were last referenced by a route within - # "retain-since-last-active-time" - # 4. There are fewer than "min-non-active-revisions" - # If none of these conditions are met, or if the count of revisions exceed - # "max-non-active-revisions", they will be deleted by GC. - # The special value "disabled" may be used to turn off these limits. - # - # Example config to immediately collect any inactive revision: - # min-non-active-revisions: "0" - # max-non-active-revisions: "0" - # retain-since-create-time: "disabled" - # retain-since-last-active-time: "disabled" - # - # Example config to always keep around the last ten non-active revisions: - # retain-since-create-time: "disabled" - # retain-since-last-active-time: "disabled" - # max-non-active-revisions: "10" - # - # Example config to disable all garbage collection: - # retain-since-create-time: "disabled" - # retain-since-last-active-time: "disabled" - # max-non-active-revisions: "disabled" - # - # Example config to keep recently deployed or active revisions, - # always maintain the last two in case of rollback, and prevent - # burst activity from exploding the count of old revisions: - # retain-since-create-time: "48h" - # retain-since-last-active-time: "15h" - # min-non-active-revisions: "2" - # max-non-active-revisions: "1000" - - # Duration since creation before considering a revision for GC or "disabled". - retain-since-create-time: "48h" - - # Duration since active before considering a revision for GC or "disabled". - retain-since-last-active-time: "15h" - - # Minimum number of non-active revisions to retain. - min-non-active-revisions: "20" - - # Maximum number of non-active revisions to retain - # or "disabled" to disable any maximum limit. - max-non-active-revisions: "1000" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-leader-election - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.0" - annotations: - knative.dev/example-checksum: "f4b71f57" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # lease-duration is how long non-leaders will wait to try to acquire the - # lock; 15 seconds is the value used by core kubernetes controllers. - lease-duration: "60s" - - # renew-deadline is how long a leader will try to renew the lease before - # giving up; 10 seconds is the value used by core kubernetes controllers. - renew-deadline: "40s" - - # retry-period is how long the leader election client waits between tries of - # actions; 2 seconds is the value used by core kubernetes controllers. - retry-period: "10s" - - # buckets is the number of buckets used to partition key space of each - # Reconciler. If this number is M and the replica number of the controller - # is N, the N replicas will compete for the M buckets. The owner of a - # bucket will take care of the reconciling for the keys partitioned into - # that bucket. - buckets: "1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-logging - namespace: knative-serving - labels: - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/component: logging - app.kubernetes.io/name: knative-serving - annotations: - knative.dev/example-checksum: "b0f3c6f2" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Common configuration for all Knative codebase - zap-logger-config: | - { - "level": "info", - "development": false, - "outputPaths": ["stdout"], - "errorOutputPaths": ["stderr"], - "encoding": "json", - "encoderConfig": { - "timeKey": "timestamp", - "levelKey": "severity", - "nameKey": "logger", - "callerKey": "caller", - "messageKey": "message", - "stacktraceKey": "stacktrace", - "lineEnding": "", - "levelEncoder": "", - "timeEncoder": "iso8601", - "durationEncoder": "", - "callerEncoder": "" - } - } - - # Log level overrides - # For all components except the queue proxy, - # changes are picked up immediately. - # For queue proxy, changes require recreation of the pods. - loglevel.controller: "info" - loglevel.autoscaler: "info" - loglevel.queueproxy: "info" - loglevel.webhook: "info" - loglevel.activator: "info" - loglevel.hpaautoscaler: "info" - loglevel.net-certmanager-controller: "info" - loglevel.net-istio-controller: "info" - loglevel.net-contour-controller: "info" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-network - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.0" - annotations: - knative.dev/example-checksum: "73d96d1b" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # ingress-class specifies the default ingress class - # to use when not dictated by Route annotation. - # - # If not specified, will use the Istio ingress. - # - # Note that changing the Ingress class of an existing Route - # will result in undefined behavior. Therefore it is best to only - # update this value during the setup of Knative, to avoid getting - # undefined behavior. - ingress-class: "istio.ingress.networking.knative.dev" - - # certificate-class specifies the default Certificate class - # to use when not dictated by Route annotation. - # - # If not specified, will use the Cert-Manager Certificate. - # - # Note that changing the Certificate class of an existing Route - # will result in undefined behavior. Therefore it is best to only - # update this value during the setup of Knative, to avoid getting - # undefined behavior. - certificate-class: "cert-manager.certificate.networking.knative.dev" - - # namespace-wildcard-cert-selector specifies a LabelSelector which - # determines which namespaces should have a wildcard certificate - # provisioned. - # - # Use an empty value to disable the feature (this is the default): - # namespace-wildcard-cert-selector: "" - # - # Use an empty object to enable for all namespaces - # namespace-wildcard-cert-selector: {} - # - # Useful labels include the "kubernetes.io/metadata.name" label to - # avoid provisioning a certifcate for the "kube-system" namespaces. - # Use the following selector to match pre-1.0 behavior of using - # "networking.knative.dev/disableWildcardCert" to exclude namespaces: - # - # matchExpressions: - # - key: "networking.knative.dev/disableWildcardCert" - # operator: "NotIn" - # values: ["true"] - namespace-wildcard-cert-selector: "" - - # domain-template specifies the golang text template string to use - # when constructing the Knative service's DNS name. The default - # value is "{{.Name}}.{{.Namespace}}.{{.Domain}}". - # - # Valid variables defined in the template include Name, Namespace, Domain, - # Labels, and Annotations. Name will be the result of the tagTemplate - # below, if a tag is specified for the route. - # - # Changing this value might be necessary when the extra levels in - # the domain name generated is problematic for wildcard certificates - # that only support a single level of domain name added to the - # certificate's domain. In those cases you might consider using a value - # of "{{.Name}}-{{.Namespace}}.{{.Domain}}", or removing the Namespace - # entirely from the template. When choosing a new value be thoughtful - # of the potential for conflicts - for example, when users choose to use - # characters such as `-` in their service, or namespace, names. - # {{.Annotations}} or {{.Labels}} can be used for any customization in the - # go template if needed. - # We strongly recommend keeping namespace part of the template to avoid - # domain name clashes: - # eg. '{{.Name}}-{{.Namespace}}.{{ index .Annotations "sub"}}.{{.Domain}}' - # and you have an annotation {"sub":"foo"}, then the generated template - # would be {Name}-{Namespace}.foo.{Domain} - domain-template: "{{.Name}}.{{.Namespace}}.{{.Domain}}" - - # tagTemplate specifies the golang text template string to use - # when constructing the DNS name for "tags" within the traffic blocks - # of Routes and Configuration. This is used in conjunction with the - # domainTemplate above to determine the full URL for the tag. - tag-template: "{{.Tag}}-{{.Name}}" - - # Controls whether TLS certificates are automatically provisioned and - # installed in the Knative ingress to terminate external TLS connection. - # 1. Enabled: enabling auto-TLS feature. - # 2. Disabled: disabling auto-TLS feature. - auto-tls: "Disabled" - - # Controls the behavior of the HTTP endpoint for the Knative ingress. - # It requires autoTLS to be enabled. - # 1. Enabled: The Knative ingress will be able to serve HTTP connection. - # 2. Redirected: The Knative ingress will send a 301 redirect for all - # http connections, asking the clients to use HTTPS. - # - # "Disabled" option is deprecated. - http-protocol: "Enabled" - - # rollout-duration contains the minimal duration in seconds over which the - # Configuration traffic targets are rolled out to the newest revision. - rollout-duration: "0" - - # autocreate-cluster-domain-claims controls whether ClusterDomainClaims should - # be automatically created (and deleted) as needed when DomainMappings are - # reconciled. - # - # If this is "false" (the default), the cluster administrator is - # responsible for creating ClusterDomainClaims and delegating them to - # namespaces via their spec.Namespace field. This setting should be used in - # multitenant environments which need to control which namespace can use a - # particular domain name in a domain mapping. - # - # If this is "true", users are able to associate arbitrary names with their - # services via the DomainMapping feature. - autocreate-cluster-domain-claims: "false" - - # If true, networking plugins can add additional information to deployed - # applications to make their pods directly accessible via their IPs even if mesh is - # enabled and thus direct-addressability is usually not possible. - # Consumers like Knative Serving can use this setting to adjust their behavior - # accordingly, i.e. to drop fallback solutions for non-pod-addressable systems. - # - # NOTE: This flag is in an alpha state and is mostly here to enable internal testing - # for now. Use with caution. - enable-mesh-pod-addressability: "false" - - # mesh-compatibility-mode indicates whether consumers of network plugins - # should directly contact Pod IPs (most efficient), or should use the - # Cluster IP (less efficient, needed when mesh is enabled unless - # `enable-mesh-pod-addressability`, above, is set). - # Permitted values are: - # - "auto" (default): automatically determine which mesh mode to use by trying Pod IP and falling back to Cluster IP as needed. - # - "enabled": always use Cluster IP and do not attempt to use Pod IPs. - # - "disabled": always use Pod IPs and do not fall back to Cluster IP on failure. - mesh-compatibility-mode: "auto" - - # Defines the scheme used for external URLs if autoTLS is not enabled. - # This can be used for making Knative report all URLs as "HTTPS" for example, if you're - # fronting Knative with an external loadbalancer that deals with TLS termination and - # Knative doesn't know about that otherwise. - default-external-scheme: "http" - - # internal-encryption indicates whether internal traffic is encrypted or not. - # If this is "true", the following traffic are encrypted: - # - ingress to activator - # - ingress to queue-proxy - # - activator to queue-proxy - # - # NOTE: This flag is in an alpha state and is mostly here to enable internal testing - # for now. Use with caution. - internal-encryption: "false" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: observability - app.kubernetes.io/version: "1.8.0" - annotations: - knative.dev/example-checksum: "fed4756e" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # logging.enable-var-log-collection defaults to false. - # The fluentd daemon set will be set up to collect /var/log if - # this flag is true. - logging.enable-var-log-collection: "false" - - # logging.revision-url-template provides a template to use for producing the - # logging URL that is injected into the status of each Revision. - logging.revision-url-template: "http://logging.example.com/?revisionUID=${REVISION_UID}" - - # If non-empty, this enables queue proxy writing user request logs to stdout, excluding probe - # requests. - # NB: after 0.18 release logging.enable-request-log must be explicitly set to true - # in order for request logging to be enabled. - # - # The value determines the shape of the request logs and it must be a valid go text/template. - # It is important to keep this as a single line. Multiple lines are parsed as separate entities - # by most collection agents and will split the request logs into multiple records. - # - # The following fields and functions are available to the template: - # - # Request: An http.Request (see https://golang.org/pkg/net/http/#Request) - # representing an HTTP request received by the server. - # - # Response: - # struct { - # Code int // HTTP status code (see https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml) - # Size int // An int representing the size of the response. - # Latency float64 // A float64 representing the latency of the response in seconds. - # } - # - # Revision: - # struct { - # Name string // Knative revision name - # Namespace string // Knative revision namespace - # Service string // Knative service name - # Configuration string // Knative configuration name - # PodName string // Name of the pod hosting the revision - # PodIP string // IP of the pod hosting the revision - # } - # - logging.request-log-template: '{"httpRequest": {"requestMethod": "{{.Request.Method}}", "requestUrl": "{{js .Request.RequestURI}}", "requestSize": "{{.Request.ContentLength}}", "status": {{.Response.Code}}, "responseSize": "{{.Response.Size}}", "userAgent": "{{js .Request.UserAgent}}", "remoteIp": "{{js .Request.RemoteAddr}}", "serverIp": "{{.Revision.PodIP}}", "referer": "{{js .Request.Referer}}", "latency": "{{.Response.Latency}}s", "protocol": "{{.Request.Proto}}"}, "traceId": "{{index .Request.Header "X-B3-Traceid"}}"}' - - # If true, the request logging will be enabled. - # NB: up to and including Knative version 0.18 if logging.request-log-template is non-empty, this value - # will be ignored. - logging.enable-request-log: "false" - - # If true, this enables queue proxy writing request logs for probe requests to stdout. - # It uses the same template for user requests, i.e. logging.request-log-template. - logging.enable-probe-request-log: "false" - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or opencensus. - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. It enables queue proxy to send request metrics. - # Currently supported values: prometheus (the default), opencensus. - metrics.request-metrics-backend-destination: prometheus - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Serving pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: tracing - app.kubernetes.io/version: "1.8.0" - annotations: - knative.dev/example-checksum: "26614636" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none" (default) - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: activator - namespace: knative-serving - labels: - app.kubernetes.io/component: activator - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" -spec: - minReplicas: 1 - maxReplicas: 20 - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: activator - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - # Percentage of the requested CPU - averageUtilization: 100 ---- -# Activator PDB. Currently we permit unavailability of 20% of tasks at the same time. -# Given the subsetting and that the activators are partially stateful systems, we want -# a slow rollout of the new versions and slow migration during node upgrades. -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: activator-pdb - namespace: knative-serving - labels: - app.kubernetes.io/component: activator - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" -spec: - minAvailable: 80% - selector: - matchLabels: - app: activator - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: activator - namespace: knative-serving - labels: - app.kubernetes.io/component: activator - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-serving -spec: - selector: - matchLabels: - app: activator - role: activator - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: activator - role: activator - app.kubernetes.io/component: activator - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - spec: - serviceAccountName: controller - containers: - - name: activator - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/activator@sha256:c3bbf3a96920048869dcab8e133e00f59855670b8a0bbca3d72ced2f512eb5e1 - # The numbers are based on performance test results from - # https://github.com/knative/serving/issues/1625#issuecomment-511930023 - resources: - requests: - cpu: 300m - memory: 60Mi - limits: - cpu: 1000m - memory: 600Mi - env: - # Run Activator with GC collection when newly generated memory is 500%. - - name: GOGC - value: "500" - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/internal/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: http1 - containerPort: 8012 - - name: h2c - containerPort: 8013 - readinessProbe: - httpGet: - port: 8012 - httpHeaders: - - name: k-kubelet-probe - value: "activator" - periodSeconds: 5 - failureThreshold: 5 - livenessProbe: - httpGet: - port: 8012 - httpHeaders: - - name: k-kubelet-probe - value: "activator" - periodSeconds: 10 - failureThreshold: 12 - initialDelaySeconds: 15 - # The activator (often) sits on the dataplane, and may proxy long (e.g. - # streaming, websockets) requests. We give a long grace period for the - # activator to "lame duck" and drain outstanding requests before we - # forcibly terminate the pod (and outstanding connections). This value - # should be at least as large as the upper bound on the Revision's - # timeoutSeconds property to avoid servicing events disrupting - # connections. - terminationGracePeriodSeconds: 600 ---- -apiVersion: v1 -kind: Service -metadata: - name: activator-service - namespace: knative-serving - labels: - app: activator - app.kubernetes.io/component: activator - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-serving -spec: - selector: - app: activator - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: http - port: 80 - targetPort: 8012 - - name: http2 - port: 81 - targetPort: 8013 - - name: https - port: 443 - targetPort: 8112 - type: ClusterIP - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: autoscaler - namespace: knative-serving - labels: - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" -spec: - replicas: 1 - selector: - matchLabels: - app: autoscaler - strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 0 - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: autoscaler - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: autoscaler - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: autoscaler - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/autoscaler@sha256:caae5e34b4cb311ed8551f2778cfca566a77a924a59b775bd516fa8b5e3c1d7f - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 1000m - memory: 1000Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: websocket - containerPort: 8080 - readinessProbe: - httpGet: - port: 8080 - httpHeaders: - - name: k-kubelet-probe - value: "autoscaler" - livenessProbe: - httpGet: - port: 8080 - httpHeaders: - - name: k-kubelet-probe - value: "autoscaler" - failureThreshold: 6 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: autoscaler - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - name: autoscaler - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: http - port: 8080 - targetPort: 8080 - selector: - app: autoscaler - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: controller - namespace: knative-serving - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" -spec: - selector: - matchLabels: - app: controller - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - labels: - app: controller - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: controller - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/controller@sha256:38f9557f4d61ec79cc2cdbe76da8df6c6ae5f978a50a2847c22cc61aa240da95 - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 1000m - memory: 1000Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/internal/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: controller - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - name: controller - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - selector: - app: controller - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: domain-mapping - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" -spec: - selector: - matchLabels: - app: domain-mapping - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - labels: - app: domain-mapping - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: domain-mapping - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: domain-mapping - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/domain-mapping@sha256:763d648bf1edee2b4471b0e211dbc53ba2d28f92e4dae28ccd39af7185ef2c96 - resources: - requests: - cpu: 30m - memory: 40Mi - limits: - cpu: 300m - memory: 400Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: domainmapping-webhook - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" -spec: - selector: - matchLabels: - app: domainmapping-webhook - role: domainmapping-webhook - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: domainmapping-webhook - role: domainmapping-webhook - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: domainmapping-webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: domainmapping-webhook - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/domain-mapping-webhook@sha256:a4ba0076df2efaca2eed561339e21b3a4ca9d90167befd31de882bff69639470 - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 500m - memory: 500Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: WEBHOOK_PORT - value: "8443" - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - failureThreshold: 6 - initialDelaySeconds: 20 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - role: domainmapping-webhook - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" - name: domainmapping-webhook - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: domainmapping-webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2beta2 -kind: HorizontalPodAutoscaler -metadata: - name: webhook - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" -spec: - minReplicas: 1 - maxReplicas: 5 - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: webhook - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - # Percentage of the requested CPU - averageUtilization: 100 ---- -# Webhook PDB. -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: webhook-pdb - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" -spec: - minAvailable: 80% - selector: - matchLabels: - app: webhook - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: webhook - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-serving -spec: - selector: - matchLabels: - app: webhook - role: webhook - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: webhook - role: webhook - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-serving - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: webhook - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/webhook@sha256:bc13765ba4895c0fa318a065392d05d0adc0e20415c739e0aacb3f56140bf9ae - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 500m - memory: 500Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: WEBHOOK_NAME - value: webhook - - name: WEBHOOK_PORT - value: "8443" - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/internal/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - failureThreshold: 6 - initialDelaySeconds: 20 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - role: webhook - app.kubernetes.io/component: webhook - app.kubernetes.io/version: "1.8.0" - app.kubernetes.io/name: knative-serving - name: webhook - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: config.webhook.serving.knative.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: config.webhook.serving.knative.dev - objectSelector: - matchExpressions: - - key: app.kubernetes.io/name - operator: In - values: ["knative-serving"] - - key: app.kubernetes.io/component - operator: In - values: ["autoscaler", "controller", "logging", "networking", "observability", "tracing"] - timeoutSeconds: 10 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.serving.knative.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: webhook.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - autoscaling.internal.knative.dev - - networking.internal.knative.dev - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - scope: "*" - resources: - - metrics - - podautoscalers - - certificates - - ingresses - - serverlessservices - - configurations - - revisions - - routes - - services - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.domainmapping.serving.knative.dev - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: domainmapping-webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: webhook.domainmapping.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - scope: "*" - resources: - - domainmappings - - domainmappings/status - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: domainmapping-webhook-certs - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" -# The data is populated at install time. - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.domainmapping.serving.knative.dev - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: domainmapping-webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: validation.webhook.domainmapping.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - - DELETE - scope: "*" - resources: - - domainmappings - - domainmappings/status - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.serving.knative.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: validation.webhook.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - autoscaling.internal.knative.dev - - networking.internal.knative.dev - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - - DELETE - scope: "*" - resources: - - metrics - - podautoscalers - - certificates - - ingresses - - serverlessservices - - configurations - - revisions - - routes - - services - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: webhook-certs - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.0" -# The data is populated at install time. - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.0/4-serving-post-install-jobs.yaml b/cmd/operator/kodata/knative-serving/1.8.0/4-serving-post-install-jobs.yaml deleted file mode 100644 index dbfee5f175..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.0/4-serving-post-install-jobs.yaml +++ /dev/null @@ -1,70 +0,0 @@ - ---- -# /tmp/knative.Zgc8hyAf/tmp.tiuivWHXJa/serving-storage-version-migration.yaml -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: batch/v1 -kind: Job -metadata: - generateName: storage-version-migration-serving- - namespace: knative-serving - labels: - app: storage-version-migration-serving - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.0" -spec: - ttlSecondsAfterFinished: 600 - backoffLimit: 10 - template: - metadata: - annotations: - sidecar.istio.io/inject: "false" - labels: - app: storage-version-migration-serving - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.0" - spec: - serviceAccountName: controller - restartPolicy: OnFailure - containers: - - name: migrate - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:d0095787bc1687e2d8180b36a66997733a52f8c49c3e7751f067813e3fb54b66 - args: - - "services.serving.knative.dev" - - "configurations.serving.knative.dev" - - "revisions.serving.knative.dev" - - "routes.serving.knative.dev" - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 1000m - memory: 1000Mi - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.1/1-serving-crds.yaml b/cmd/operator/kodata/knative-serving/1.8.1/1-serving-crds.yaml deleted file mode 100644 index 22b9a35113..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.1/1-serving-crds.yaml +++ /dev/null @@ -1,4032 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: certificates.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Certificate is responsible for provisioning a SSL certificate for the given hosts. It is a Knative abstraction for various SSL certificate provisioning solutions (such as cert-manager or self-signed SSL certificate). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - dnsNames - - secretName - properties: - dnsNames: - description: DNSNames is a list of DNS names the Certificate could support. The wildcard format of DNSNames (e.g. *.default.example.com) is supported. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret resource to store the SSL certificate in. - type: string - status: - description: 'Status is the current state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - http01Challenges: - description: HTTP01Challenges is a list of HTTP01 challenges that need to be fulfilled in order to get the TLS certificate.. - type: array - items: - description: HTTP01Challenge defines the status of a HTTP01 challenge that a certificate needs to fulfill. - type: object - properties: - serviceName: - description: ServiceName is the name of the service to serve HTTP01 challenge requests. - type: string - serviceNamespace: - description: ServiceNamespace is the namespace of the service to serve HTTP01 challenge requests. - type: string - servicePort: - description: ServicePort is the port of the service to serve HTTP01 challenge requests. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - url: - description: URL is the URL that the HTTP01 challenge is expected to serve on. - type: string - notAfter: - description: The expiration time of the TLS certificate stored in the secret named by this resource in spec.secretName. - type: string - format: date-time - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Certificate - plural: certificates - singular: certificate - categories: - - knative-internal - - networking - shortNames: - - kcert - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: configurations.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Configuration - plural: configurations - singular: configuration - categories: - - all - - knative - - serving - shortNames: - - config - - cfg - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Configuration represents the "floating HEAD" of a linear history of Revisions. Users create new Revisions by updating the Configuration''s spec. The "latest created" revision''s name is available under status, as is the "latest ready" revision''s name. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#configuration' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ConfigurationSpec holds the desired state of the Configuration (from the client). - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: ConfigurationStatus communicates the observed state of the Configuration (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusterdomainclaims.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: ClusterDomainClaim is a cluster-wide reservation for a particular domain name. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ClusterDomainClaim. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - namespace - properties: - namespace: - description: Namespace is the namespace which is allowed to create a DomainMapping using this ClusterDomainClaim's name. - type: string - names: - kind: ClusterDomainClaim - plural: clusterdomainclaims - singular: clusterdomainclaim - categories: - - knative-internal - - networking - shortNames: - - cdc - scope: Cluster - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: domainmappings.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - versions: - - name: v1beta1 - served: true - storage: false - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - "schema": - "openAPIV3Schema": - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: DomainMapping - plural: domainmappings - singular: domainmapping - categories: - - all - - knative - - serving - shortNames: - - dm - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: ingresses.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable URLs, load balance traffic, offer name based virtual hosting, etc. \n This is heavily based on K8s Ingress https://godoc.org/k8s.io/api/networking/v1beta1#Ingress which some highlighted modifications." - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - httpOption: - description: 'HTTPOption is the option of HTTP. It has the following two values: `HTTPOptionEnabled`, `HTTPOptionRedirected`' - type: string - rules: - description: A list of host rules used to configure the Ingress. - type: array - items: - description: IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue. - type: object - properties: - hosts: - description: 'Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the "host" part of the URI as defined in the RFC: 1. IPs are not allowed. Currently a rule value can only apply to the IP in the Spec of the parent . 2. The `:` delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue. If multiple matching Hosts were provided, the first rule will take precedent.' - type: array - items: - type: string - http: - description: HTTP represents a rule to apply against incoming requests. If the rule is satisfied, the request is routed to the specified backend. - type: object - required: - - paths - properties: - paths: - description: "A collection of paths that map requests to backends. \n If they are multiple matching paths, the first match takes precedence." - type: array - items: - description: HTTPIngressPath associates a path regex with a backend. Incoming URLs matching the path are forwarded to the backend. - type: object - required: - - splits - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - headers: - description: Headers defines header matching rules which is a map from a header name to HeaderMatch which specify a matching condition. When a request matched with all the header matching rules, the request is routed by the corresponding ingress rule. If it is empty, the headers are not used for matching - type: object - additionalProperties: - description: HeaderMatch represents a matching value of Headers in HTTPIngressPath. Currently, only the exact matching is supported. - type: object - required: - - exact - properties: - exact: - type: string - path: - description: Path represents a literal prefix to which this rule should apply. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a '/'. If unspecified, the path defaults to a catch all sending traffic to the backend. - type: string - rewriteHost: - description: "RewriteHost rewrites the incoming request's host header. \n This field is currently experimental and not supported by all Ingress implementations." - type: string - splits: - description: Splits defines the referenced service endpoints to which the traffic will be forwarded to. - type: array - items: - description: IngressBackendSplit describes all endpoints for a given service and port. - type: object - required: - - serviceName - - serviceNamespace - - servicePort - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - percent: - description: "Specifies the split percentage, a number between 0 and 100. If only one split is specified, we default to 100. \n NOTE: This differs from K8s Ingress to allow percentage split." - type: integer - serviceName: - description: Specifies the name of the referenced service. - type: string - serviceNamespace: - description: "Specifies the namespace of the referenced service. \n NOTE: This differs from K8s Ingress to allow routing to different namespaces." - type: string - servicePort: - description: Specifies the port of the referenced service. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - visibility: - description: Visibility signifies whether this rule should `ClusterLocal`. If it's not specified then it defaults to `ExternalIP`. - type: string - tls: - description: 'TLS configuration. Currently Ingress only supports a single TLS port: 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.' - type: array - items: - description: IngressTLS describes the transport layer security associated with an Ingress. - type: object - properties: - hosts: - description: Hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret used to terminate SSL traffic. - type: string - secretNamespace: - description: SecretNamespace is the namespace of the secret used to terminate SSL traffic. If not set the namespace should be assumed to be the same as the Ingress. If set the secret should have the same namespace as the Ingress otherwise the behaviour is undefined and not supported. - type: string - status: - description: 'Status is the current state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateLoadBalancer: - description: PrivateLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - publicLoadBalancer: - description: PublicLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: Ingress - plural: ingresses - singular: ingress - categories: - - knative-internal - - networking - shortNames: - - kingress - - king - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: metrics.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: Metric - plural: metrics - singular: metric - categories: - - knative-internal - - autoscaling - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: Metric represents a resource to configure the metric collector with. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Metric (from the client). - type: object - required: - - panicWindow - - scrapeTarget - - stableWindow - properties: - panicWindow: - description: PanicWindow is the aggregation window for metrics where quick reactions are needed. - type: integer - format: int64 - scrapeTarget: - description: ScrapeTarget is the K8s service that publishes the metric endpoint. - type: string - stableWindow: - description: StableWindow is the aggregation window for metrics in a stable state. - type: integer - format: int64 - status: - description: Status communicates the observed state of the Metric (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: podautoscalers.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: PodAutoscaler - plural: podautoscalers - singular: podautoscaler - categories: - - knative-internal - - autoscaling - shortNames: - - kpa - - pa - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: DesiredScale - type: integer - jsonPath: ".status.desiredScale" - - name: ActualScale - type: integer - jsonPath: ".status.actualScale" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'PodAutoscaler is a Knative abstraction that encapsulates the interface by which Knative components instantiate autoscalers. This definition is an abstraction that may be backed by multiple definitions. For more information, see the Knative Pluggability presentation: https://docs.google.com/presentation/d/19vW9HFZ6Puxt31biNZF3uLRejDmu82rxJIk1cWmxF7w/edit' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the PodAutoscaler (from the client). - type: object - required: - - protocolType - - scaleTargetRef - properties: - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means unlimited concurrency. - type: integer - format: int64 - protocolType: - description: The application-layer protocol. Matches `ProtocolType` inferred from the revision spec. - type: string - reachability: - description: Reachability specifies whether or not the `ScaleTargetRef` can be reached (ie. has a route). Defaults to `ReachabilityUnknown` - type: string - scaleTargetRef: - description: ScaleTargetRef defines the /scale-able resource that this PodAutoscaler is responsible for quickly right-sizing. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-map-type: atomic - status: - description: Status communicates the observed state of the PodAutoscaler (from the controller). - type: object - required: - - metricsServiceName - - serviceName - properties: - actualScale: - description: ActualScale shows the actual number of replicas for the revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - desiredScale: - description: DesiredScale shows the current desired number of replicas for the revision. - type: integer - format: int32 - metricsServiceName: - description: MetricsServiceName is the K8s Service name that provides revision metrics. The service is managed by the PA object. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - serviceName: - description: ServiceName is the K8s Service name that serves the revision, scaled by this PA. The service is created and owned by the ServerlessService object owned by this PA. - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: revisions.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - names: - kind: Revision - plural: revisions - singular: revision - categories: - - all - - knative - - serving - shortNames: - - rev - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Config Name - type: string - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configuration']" - - name: K8s Service Name - type: string - jsonPath: ".status.serviceName" - - name: Generation - type: string # int in string form :( - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configurationGeneration']" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - name: Actual Replicas - type: integer - jsonPath: ".status.actualReplicas" - - name: Desired Replicas - type: integer - jsonPath: ".status.desiredReplicas" - schema: - openAPIV3Schema: - description: "Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#revision" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: RevisionStatus communicates the observed state of the Revision (from the controller). - type: object - properties: - actualReplicas: - description: ActualReplicas reflects the amount of ready pods running this revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - containerStatuses: - description: 'ContainerStatuses is a slice of images present in .Spec.Container[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - desiredReplicas: - description: DesiredReplicas reflects the desired amount of pods running this revision. - type: integer - format: int32 - initContainerStatuses: - description: 'InitContainerStatuses is a slice of images present in .Spec.InitContainer[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - logUrl: - description: LogURL specifies the generated logging url for this particular revision based on the revision url template specified in the controller's config. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: routes.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" -spec: - group: serving.knative.dev - names: - kind: Route - plural: routes - singular: route - categories: - - all - - knative - - serving - shortNames: - - rt - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready revision" changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#route' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Route (from the client). - type: object - properties: - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: Status communicates the observed state of the Route (from the controller). - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: serverlessservices.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ServerlessService is a proxy for the K8s service objects containing the endpoints for the revision, whether those are endpoints of the activator or revision pods. See: https://knative.page.link/naxz for details.' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - objectRef - - protocolType - properties: - mode: - description: Mode describes the mode of operation of the ServerlessService. - type: string - numActivators: - description: NumActivators contains number of Activators that this revision should be assigned. O means — assign all. - type: integer - format: int32 - objectRef: - description: ObjectRef defines the resource that this ServerlessService is responsible for making "serverless". - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - x-kubernetes-map-type: atomic - protocolType: - description: The application-layer protocol. Matches `RevisionProtocolType` set on the owning pa/revision. serving imports networking, so just use string. - type: string - status: - description: 'Status is the current state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateServiceName: - description: PrivateServiceName holds the name of a core K8s Service resource that load balances over the user service pods backing this Revision. - type: string - serviceName: - description: ServiceName holds the name of a core K8s Service resource that load balances over the pods backing this Revision (activator or revision). - type: string - additionalPrinterColumns: - - name: Mode - type: string - jsonPath: ".spec.mode" - - name: Activators - type: integer - jsonPath: ".spec.numActivators" - - name: ServiceName - type: string - jsonPath: ".status.serviceName" - - name: PrivateServiceName - type: string - jsonPath: ".status.privateServiceName" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: ServerlessService - plural: serverlessservices - singular: serverlessservice - categories: - - knative-internal - - networking - shortNames: - - sks - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: services.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Service - plural: services - singular: service - categories: - - all - - knative - - serving - shortNames: - - kservice - - ksvc - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: "Service acts as a top-level container that manages a Route and Configuration which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets), and its usage is optional but recommended. \n The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceSpec represents the configuration for the Service object. A Service's specification is the union of the specifications for a Route and Configuration. The Service restricts what can be expressed in these fields, e.g. the Route must reference the provided Configuration; however, these limitations also enable friendlier defaulting, e.g. Route never needs a Configuration name, and may be defaulted to the appropriate "run latest" spec. - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: ServiceStatus represents the Status stanza of the Service resource. - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: images.caching.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" -spec: - group: caching.internal.knative.dev - names: - kind: Image - plural: images - singular: image - categories: - - knative-internal - - caching - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Image is a Knative abstraction that encapsulates the interface by which Knative components express a desire to have a particular image cached. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Image (from the client). - type: object - required: - - image - properties: - image: - description: Image is the name of the container image url to cache across the cluster. - type: string - imagePullSecrets: - description: ImagePullSecrets contains the names of the Kubernetes Secrets containing login information used by the Pods which will run this container. - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount as which the Pods will run this container. This is potentially used to authenticate the image pull if the service account has attached pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' - type: string - status: - description: Status communicates the observed state of the Image (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Image - type: string - jsonPath: .spec.image - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.1/2-serving-core.yaml b/cmd/operator/kodata/knative-serving/1.8.1/2-serving-core.yaml deleted file mode 100644 index 677f35b496..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.1/2-serving-core.yaml +++ /dev/null @@ -1,6917 +0,0 @@ -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Namespace -metadata: - name: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "Addressables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - # Named like this to avoid clashing with eventing's existing `addressable-resolver` role - # (which should be identical, but isn't guaranteed to be installed alongside serving). - name: knative-serving-aggregated-addressable-resolver - labels: - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-serving -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/addressable: "true" ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-addressable-resolver - labels: - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-serving - # Labeled to facilitate aggregated cluster roles that act on Addressables. - duck.knative.dev/addressable: "true" -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - serving.knative.dev - resources: - - routes - - routes/status - - services - - services/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-namespaced-admin - labels: - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: ["serving.knative.dev"] - resources: ["*"] - verbs: ["*"] - - apiGroups: ["networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-namespaced-edit - labels: - rbac.authorization.k8s.io/aggregate-to-edit: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: ["serving.knative.dev"] - resources: ["*"] - verbs: ["create", "update", "patch", "delete"] - - apiGroups: ["networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-namespaced-view - labels: - rbac.authorization.k8s.io/aggregate-to-view: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: ["serving.knative.dev", "networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-core - labels: - serving.knative.dev/controller: "true" - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: [""] - resources: ["pods", "namespaces", "secrets", "configmaps", "endpoints", "services", "events", "serviceaccounts"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: [""] - resources: ["endpoints/restricted"] # Permission for RestrictedEndpointsAdmission - verbs: ["create"] - - apiGroups: [""] - resources: ["namespaces/finalizers"] # finalizers are needed for the owner reference of the webhook - verbs: ["update"] - - apiGroups: ["apps"] - resources: ["deployments", "deployments/finalizers"] # finalizers are needed for the owner reference of the webhook - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["admissionregistration.k8s.io"] - resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions", "customresourcedefinitions/status"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["autoscaling"] - resources: ["horizontalpodautoscalers"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["serving.knative.dev", "autoscaling.internal.knative.dev", "networking.internal.knative.dev"] - resources: ["*", "*/status", "*/finalizers"] - verbs: ["get", "list", "create", "update", "delete", "deletecollection", "patch", "watch"] - - apiGroups: ["caching.internal.knative.dev"] - resources: ["images"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-podspecable-binding - labels: - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-serving - # Labeled to facilitate aggregated cluster roles that act on PodSpecables. - duck.knative.dev/podspecable: "true" -# Do not use this role directly. These rules will be added to the "podspecable-binder" role. -rules: - - apiGroups: - - serving.knative.dev - resources: - - configurations - - services - verbs: - - list - - watch - - patch - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: controller - namespace: knative-serving - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-admin - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" -aggregationRule: - clusterRoleSelectors: - - matchLabels: - serving.knative.dev/controller: "true" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-serving-controller-admin - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" -subjects: - - kind: ServiceAccount - name: controller - namespace: knative-serving -roleRef: - kind: ClusterRole - name: knative-serving-admin - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-serving-controller-addressable-resolver - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" -subjects: - - kind: ServiceAccount - name: controller - namespace: knative-serving -roleRef: - kind: ClusterRole - name: knative-serving-aggregated-addressable-resolver - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: images.caching.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" -spec: - group: caching.internal.knative.dev - names: - kind: Image - plural: images - singular: image - categories: - - knative-internal - - caching - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Image is a Knative abstraction that encapsulates the interface by which Knative components express a desire to have a particular image cached. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Image (from the client). - type: object - required: - - image - properties: - image: - description: Image is the name of the container image url to cache across the cluster. - type: string - imagePullSecrets: - description: ImagePullSecrets contains the names of the Kubernetes Secrets containing login information used by the Pods which will run this container. - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount as which the Pods will run this container. This is potentially used to authenticate the image pull if the service account has attached pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' - type: string - status: - description: Status communicates the observed state of the Image (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Image - type: string - jsonPath: .spec.image - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: certificates.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Certificate is responsible for provisioning a SSL certificate for the given hosts. It is a Knative abstraction for various SSL certificate provisioning solutions (such as cert-manager or self-signed SSL certificate). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - dnsNames - - secretName - properties: - dnsNames: - description: DNSNames is a list of DNS names the Certificate could support. The wildcard format of DNSNames (e.g. *.default.example.com) is supported. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret resource to store the SSL certificate in. - type: string - status: - description: 'Status is the current state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - http01Challenges: - description: HTTP01Challenges is a list of HTTP01 challenges that need to be fulfilled in order to get the TLS certificate.. - type: array - items: - description: HTTP01Challenge defines the status of a HTTP01 challenge that a certificate needs to fulfill. - type: object - properties: - serviceName: - description: ServiceName is the name of the service to serve HTTP01 challenge requests. - type: string - serviceNamespace: - description: ServiceNamespace is the namespace of the service to serve HTTP01 challenge requests. - type: string - servicePort: - description: ServicePort is the port of the service to serve HTTP01 challenge requests. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - url: - description: URL is the URL that the HTTP01 challenge is expected to serve on. - type: string - notAfter: - description: The expiration time of the TLS certificate stored in the secret named by this resource in spec.secretName. - type: string - format: date-time - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Certificate - plural: certificates - singular: certificate - categories: - - knative-internal - - networking - shortNames: - - kcert - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: configurations.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Configuration - plural: configurations - singular: configuration - categories: - - all - - knative - - serving - shortNames: - - config - - cfg - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Configuration represents the "floating HEAD" of a linear history of Revisions. Users create new Revisions by updating the Configuration''s spec. The "latest created" revision''s name is available under status, as is the "latest ready" revision''s name. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#configuration' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ConfigurationSpec holds the desired state of the Configuration (from the client). - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: ConfigurationStatus communicates the observed state of the Configuration (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusterdomainclaims.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: ClusterDomainClaim is a cluster-wide reservation for a particular domain name. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ClusterDomainClaim. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - namespace - properties: - namespace: - description: Namespace is the namespace which is allowed to create a DomainMapping using this ClusterDomainClaim's name. - type: string - names: - kind: ClusterDomainClaim - plural: clusterdomainclaims - singular: clusterdomainclaim - categories: - - knative-internal - - networking - shortNames: - - cdc - scope: Cluster - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: domainmappings.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - versions: - - name: v1beta1 - served: true - storage: false - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - "schema": - "openAPIV3Schema": - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: DomainMapping - plural: domainmappings - singular: domainmapping - categories: - - all - - knative - - serving - shortNames: - - dm - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: ingresses.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable URLs, load balance traffic, offer name based virtual hosting, etc. \n This is heavily based on K8s Ingress https://godoc.org/k8s.io/api/networking/v1beta1#Ingress which some highlighted modifications." - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - httpOption: - description: 'HTTPOption is the option of HTTP. It has the following two values: `HTTPOptionEnabled`, `HTTPOptionRedirected`' - type: string - rules: - description: A list of host rules used to configure the Ingress. - type: array - items: - description: IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue. - type: object - properties: - hosts: - description: 'Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the "host" part of the URI as defined in the RFC: 1. IPs are not allowed. Currently a rule value can only apply to the IP in the Spec of the parent . 2. The `:` delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue. If multiple matching Hosts were provided, the first rule will take precedent.' - type: array - items: - type: string - http: - description: HTTP represents a rule to apply against incoming requests. If the rule is satisfied, the request is routed to the specified backend. - type: object - required: - - paths - properties: - paths: - description: "A collection of paths that map requests to backends. \n If they are multiple matching paths, the first match takes precedence." - type: array - items: - description: HTTPIngressPath associates a path regex with a backend. Incoming URLs matching the path are forwarded to the backend. - type: object - required: - - splits - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - headers: - description: Headers defines header matching rules which is a map from a header name to HeaderMatch which specify a matching condition. When a request matched with all the header matching rules, the request is routed by the corresponding ingress rule. If it is empty, the headers are not used for matching - type: object - additionalProperties: - description: HeaderMatch represents a matching value of Headers in HTTPIngressPath. Currently, only the exact matching is supported. - type: object - required: - - exact - properties: - exact: - type: string - path: - description: Path represents a literal prefix to which this rule should apply. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a '/'. If unspecified, the path defaults to a catch all sending traffic to the backend. - type: string - rewriteHost: - description: "RewriteHost rewrites the incoming request's host header. \n This field is currently experimental and not supported by all Ingress implementations." - type: string - splits: - description: Splits defines the referenced service endpoints to which the traffic will be forwarded to. - type: array - items: - description: IngressBackendSplit describes all endpoints for a given service and port. - type: object - required: - - serviceName - - serviceNamespace - - servicePort - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - percent: - description: "Specifies the split percentage, a number between 0 and 100. If only one split is specified, we default to 100. \n NOTE: This differs from K8s Ingress to allow percentage split." - type: integer - serviceName: - description: Specifies the name of the referenced service. - type: string - serviceNamespace: - description: "Specifies the namespace of the referenced service. \n NOTE: This differs from K8s Ingress to allow routing to different namespaces." - type: string - servicePort: - description: Specifies the port of the referenced service. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - visibility: - description: Visibility signifies whether this rule should `ClusterLocal`. If it's not specified then it defaults to `ExternalIP`. - type: string - tls: - description: 'TLS configuration. Currently Ingress only supports a single TLS port: 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.' - type: array - items: - description: IngressTLS describes the transport layer security associated with an Ingress. - type: object - properties: - hosts: - description: Hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret used to terminate SSL traffic. - type: string - secretNamespace: - description: SecretNamespace is the namespace of the secret used to terminate SSL traffic. If not set the namespace should be assumed to be the same as the Ingress. If set the secret should have the same namespace as the Ingress otherwise the behaviour is undefined and not supported. - type: string - status: - description: 'Status is the current state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateLoadBalancer: - description: PrivateLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - publicLoadBalancer: - description: PublicLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: Ingress - plural: ingresses - singular: ingress - categories: - - knative-internal - - networking - shortNames: - - kingress - - king - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: metrics.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: Metric - plural: metrics - singular: metric - categories: - - knative-internal - - autoscaling - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: Metric represents a resource to configure the metric collector with. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Metric (from the client). - type: object - required: - - panicWindow - - scrapeTarget - - stableWindow - properties: - panicWindow: - description: PanicWindow is the aggregation window for metrics where quick reactions are needed. - type: integer - format: int64 - scrapeTarget: - description: ScrapeTarget is the K8s service that publishes the metric endpoint. - type: string - stableWindow: - description: StableWindow is the aggregation window for metrics in a stable state. - type: integer - format: int64 - status: - description: Status communicates the observed state of the Metric (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: podautoscalers.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: PodAutoscaler - plural: podautoscalers - singular: podautoscaler - categories: - - knative-internal - - autoscaling - shortNames: - - kpa - - pa - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: DesiredScale - type: integer - jsonPath: ".status.desiredScale" - - name: ActualScale - type: integer - jsonPath: ".status.actualScale" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'PodAutoscaler is a Knative abstraction that encapsulates the interface by which Knative components instantiate autoscalers. This definition is an abstraction that may be backed by multiple definitions. For more information, see the Knative Pluggability presentation: https://docs.google.com/presentation/d/19vW9HFZ6Puxt31biNZF3uLRejDmu82rxJIk1cWmxF7w/edit' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the PodAutoscaler (from the client). - type: object - required: - - protocolType - - scaleTargetRef - properties: - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means unlimited concurrency. - type: integer - format: int64 - protocolType: - description: The application-layer protocol. Matches `ProtocolType` inferred from the revision spec. - type: string - reachability: - description: Reachability specifies whether or not the `ScaleTargetRef` can be reached (ie. has a route). Defaults to `ReachabilityUnknown` - type: string - scaleTargetRef: - description: ScaleTargetRef defines the /scale-able resource that this PodAutoscaler is responsible for quickly right-sizing. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-map-type: atomic - status: - description: Status communicates the observed state of the PodAutoscaler (from the controller). - type: object - required: - - metricsServiceName - - serviceName - properties: - actualScale: - description: ActualScale shows the actual number of replicas for the revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - desiredScale: - description: DesiredScale shows the current desired number of replicas for the revision. - type: integer - format: int32 - metricsServiceName: - description: MetricsServiceName is the K8s Service name that provides revision metrics. The service is managed by the PA object. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - serviceName: - description: ServiceName is the K8s Service name that serves the revision, scaled by this PA. The service is created and owned by the ServerlessService object owned by this PA. - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: revisions.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - names: - kind: Revision - plural: revisions - singular: revision - categories: - - all - - knative - - serving - shortNames: - - rev - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Config Name - type: string - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configuration']" - - name: K8s Service Name - type: string - jsonPath: ".status.serviceName" - - name: Generation - type: string # int in string form :( - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configurationGeneration']" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - name: Actual Replicas - type: integer - jsonPath: ".status.actualReplicas" - - name: Desired Replicas - type: integer - jsonPath: ".status.desiredReplicas" - schema: - openAPIV3Schema: - description: "Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#revision" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: RevisionStatus communicates the observed state of the Revision (from the controller). - type: object - properties: - actualReplicas: - description: ActualReplicas reflects the amount of ready pods running this revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - containerStatuses: - description: 'ContainerStatuses is a slice of images present in .Spec.Container[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - desiredReplicas: - description: DesiredReplicas reflects the desired amount of pods running this revision. - type: integer - format: int32 - initContainerStatuses: - description: 'InitContainerStatuses is a slice of images present in .Spec.InitContainer[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - logUrl: - description: LogURL specifies the generated logging url for this particular revision based on the revision url template specified in the controller's config. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: routes.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" -spec: - group: serving.knative.dev - names: - kind: Route - plural: routes - singular: route - categories: - - all - - knative - - serving - shortNames: - - rt - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready revision" changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#route' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Route (from the client). - type: object - properties: - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: Status communicates the observed state of the Route (from the controller). - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: serverlessservices.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ServerlessService is a proxy for the K8s service objects containing the endpoints for the revision, whether those are endpoints of the activator or revision pods. See: https://knative.page.link/naxz for details.' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - objectRef - - protocolType - properties: - mode: - description: Mode describes the mode of operation of the ServerlessService. - type: string - numActivators: - description: NumActivators contains number of Activators that this revision should be assigned. O means — assign all. - type: integer - format: int32 - objectRef: - description: ObjectRef defines the resource that this ServerlessService is responsible for making "serverless". - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - x-kubernetes-map-type: atomic - protocolType: - description: The application-layer protocol. Matches `RevisionProtocolType` set on the owning pa/revision. serving imports networking, so just use string. - type: string - status: - description: 'Status is the current state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateServiceName: - description: PrivateServiceName holds the name of a core K8s Service resource that load balances over the user service pods backing this Revision. - type: string - serviceName: - description: ServiceName holds the name of a core K8s Service resource that load balances over the pods backing this Revision (activator or revision). - type: string - additionalPrinterColumns: - - name: Mode - type: string - jsonPath: ".spec.mode" - - name: Activators - type: integer - jsonPath: ".spec.numActivators" - - name: ServiceName - type: string - jsonPath: ".status.serviceName" - - name: PrivateServiceName - type: string - jsonPath: ".status.privateServiceName" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: ServerlessService - plural: serverlessservices - singular: serverlessservice - categories: - - knative-internal - - networking - shortNames: - - sks - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: services.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Service - plural: services - singular: service - categories: - - all - - knative - - serving - shortNames: - - kservice - - ksvc - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: "Service acts as a top-level container that manages a Route and Configuration which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets), and its usage is optional but recommended. \n The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceSpec represents the configuration for the Service object. A Service's specification is the union of the specifications for a Route and Configuration. The Service restricts what can be expressed in these fields, e.g. the Route must reference the provided Configuration; however, these limitations also enable friendlier defaulting, e.g. Route never needs a Configuration name, and may be defaulted to the appropriate "run latest" spec. - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: ServiceStatus represents the Status stanza of the Service resource. - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2022 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - # Do not drop -ctrl-ca suffix as control-protocol requires it. - # https://github.com/knative-sandbox/control-protocol/blob/main/pkg/certificates/reconciler/controller.go - name: serving-certs-ctrl-ca - namespace: knative-serving - -# The data is populated when internal-encryption is enabled. ---- -apiVersion: v1 -kind: Secret -metadata: - name: knative-serving-certs - namespace: knative-serving - labels: - serving-certs-ctrl: "data-plane" - networking.internal.knative.dev/certificate-uid: "serving-certs" -# The data is populated when internal-encryption is enabled. - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: caching.internal.knative.dev/v1alpha1 -kind: Image -metadata: - name: queue-proxy - namespace: knative-serving - labels: - app.kubernetes.io/component: queue-proxy - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" -spec: - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/queue@sha256:b87bce5143a9f7d890fdc14f00a6e50bbfaed12955f98b308bf50e33381809ec - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-autoscaler - namespace: knative-serving - labels: - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - annotations: - knative.dev/example-checksum: "47c2487f" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # The Revision ContainerConcurrency field specifies the maximum number - # of requests the Container can handle at once. Container concurrency - # target percentage is how much of that maximum to use in a stable - # state. E.g. if a Revision specifies ContainerConcurrency of 10, then - # the Autoscaler will try to maintain 7 concurrent connections per pod - # on average. - # Note: this limit will be applied to container concurrency set at every - # level (ConfigMap, Revision Spec or Annotation). - # For legacy and backwards compatibility reasons, this value also accepts - # fractional values in (0, 1] interval (i.e. 0.7 ⇒ 70%). - # Thus minimal percentage value must be greater than 1.0, or it will be - # treated as a fraction. - # NOTE: that this value does not affect actual number of concurrent requests - # the user container may receive, but only the average number of requests - # that the revision pods will receive. - container-concurrency-target-percentage: "70" - - # The container concurrency target default is what the Autoscaler will - # try to maintain when concurrency is used as the scaling metric for the - # Revision and the Revision specifies unlimited concurrency. - # When revision explicitly specifies container concurrency, that value - # will be used as a scaling target for autoscaler. - # When specifying unlimited concurrency, the autoscaler will - # horizontally scale the application based on this target concurrency. - # This is what we call "soft limit" in the documentation, i.e. it only - # affects number of pods and does not affect the number of requests - # individual pod processes. - # The value must be a positive number such that the value multiplied - # by container-concurrency-target-percentage is greater than 0.01. - # NOTE: that this value will be adjusted by application of - # container-concurrency-target-percentage, i.e. by default - # the system will target on average 70 concurrent requests - # per revision pod. - # NOTE: Only one metric can be used for autoscaling a Revision. - container-concurrency-target-default: "100" - - # The requests per second (RPS) target default is what the Autoscaler will - # try to maintain when RPS is used as the scaling metric for a Revision and - # the Revision specifies unlimited RPS. Even when specifying unlimited RPS, - # the autoscaler will horizontally scale the application based on this - # target RPS. - # Must be greater than 1.0. - # NOTE: Only one metric can be used for autoscaling a Revision. - requests-per-second-target-default: "200" - - # The target burst capacity specifies the size of burst in concurrent - # requests that the system operator expects the system will receive. - # Autoscaler will try to protect the system from queueing by introducing - # Activator in the request path if the current spare capacity of the - # service is less than this setting. - # If this setting is 0, then Activator will be in the request path only - # when the revision is scaled to 0. - # If this setting is > 0 and container-concurrency-target-percentage is - # 100% or 1.0, then activator will always be in the request path. - # -1 denotes unlimited target-burst-capacity and activator will always - # be in the request path. - # Other negative values are invalid. - target-burst-capacity: "211" - - # When operating in a stable mode, the autoscaler operates on the - # average concurrency over the stable window. - # Stable window must be in whole seconds. - stable-window: "60s" - - # When observed average concurrency during the panic window reaches - # panic-threshold-percentage the target concurrency, the autoscaler - # enters panic mode. When operating in panic mode, the autoscaler - # scales on the average concurrency over the panic window which is - # panic-window-percentage of the stable-window. - # Must be in the [1, 100] range. - # When computing the panic window it will be rounded to the closest - # whole second, at least 1s. - panic-window-percentage: "10.0" - - # The percentage of the container concurrency target at which to - # enter panic mode when reached within the panic window. - panic-threshold-percentage: "200.0" - - # Max scale up rate limits the rate at which the autoscaler will - # increase pod count. It is the maximum ratio of desired pods versus - # observed pods. - # Cannot be less or equal to 1. - # I.e with value of 2.0 the number of pods can at most go N to 2N - # over single Autoscaler period (2s), but at least N to - # N+1, if Autoscaler needs to scale up. - max-scale-up-rate: "1000.0" - - # Max scale down rate limits the rate at which the autoscaler will - # decrease pod count. It is the maximum ratio of observed pods versus - # desired pods. - # Cannot be less or equal to 1. - # I.e. with value of 2.0 the number of pods can at most go N to N/2 - # over single Autoscaler evaluation period (2s), but at - # least N to N-1, if Autoscaler needs to scale down. - max-scale-down-rate: "2.0" - - # Scale to zero feature flag. - enable-scale-to-zero: "true" - - # Scale to zero grace period is the time an inactive revision is left - # running before it is scaled to zero (must be positive, but recommended - # at least a few seconds if running with mesh networking). - # This is the upper limit and is provided not to enforce timeout after - # the revision stopped receiving requests for stable window, but to - # ensure network reprogramming to put activator in the path has completed. - # If the system determines that a shorter period is satisfactory, - # then the system will only wait that amount of time before scaling to 0. - # NOTE: this period might actually be 0, if activator has been - # in the request path sufficiently long. - # If there is necessity for the last pod to linger longer use - # scale-to-zero-pod-retention-period flag. - scale-to-zero-grace-period: "30s" - - # Scale to zero pod retention period defines the minimum amount - # of time the last pod will remain after Autoscaler has decided to - # scale to zero. - # This flag is for the situations where the pod startup is very expensive - # and the traffic is bursty (requiring smaller windows for fast action), - # but patchy. - # The larger of this flag and `scale-to-zero-grace-period` will effectively - # determine how the last pod will hang around. - scale-to-zero-pod-retention-period: "0s" - - # pod-autoscaler-class specifies the default pod autoscaler class - # that should be used if none is specified. If omitted, - # the Knative Pod Autoscaler (KPA) is used by default. - pod-autoscaler-class: "kpa.autoscaling.knative.dev" - - # The capacity of a single activator task. - # The `unit` is one concurrent request proxied by the activator. - # activator-capacity must be at least 1. - # This value is used for computation of the Activator subset size. - # See the algorithm here: http://bit.ly/38XiCZ3. - # TODO(vagababov): tune after actual benchmarking. - activator-capacity: "100.0" - - # initial-scale is the cluster-wide default value for the initial target - # scale of a revision after creation, unless overridden by the - # "autoscaling.knative.dev/initialScale" annotation. - # This value must be greater than 0 unless allow-zero-initial-scale is true. - initial-scale: "1" - - # allow-zero-initial-scale controls whether either the cluster-wide initial-scale flag, - # or the "autoscaling.knative.dev/initialScale" annotation, can be set to 0. - allow-zero-initial-scale: "false" - - # min-scale is the cluster-wide default value for the min scale of a revision, - # unless overridden by the "autoscaling.knative.dev/minScale" annotation. - min-scale: "0" - - # max-scale is the cluster-wide default value for the max scale of a revision, - # unless overridden by the "autoscaling.knative.dev/maxScale" annotation. - # If set to 0, the revision has no maximum scale. - max-scale: "0" - - # scale-down-delay is the amount of time that must pass at reduced - # concurrency before a scale down decision is applied. This can be useful, - # for example, to maintain replica count and avoid a cold start penalty if - # more requests come in within the scale down delay period. - # The default, 0s, imposes no delay at all. - scale-down-delay: "0s" - - # max-scale-limit sets the maximum permitted value for the max scale of a revision. - # When this is set to a positive value, a revision with a maxScale above that value - # (including a maxScale of "0" = unlimited) is disallowed. - # A value of zero (the default) allows any limit, including unlimited. - max-scale-limit: "0" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-defaults - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.1" - annotations: - knative.dev/example-checksum: "e7973912" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # revision-timeout-seconds contains the default number of - # seconds to use for the revision's per-request timeout, if - # none is specified. - revision-timeout-seconds: "300" # 5 minutes - - # max-revision-timeout-seconds contains the maximum number of - # seconds that can be used for revision-timeout-seconds. - # This value must be greater than or equal to revision-timeout-seconds. - # If omitted, the system default is used (600 seconds). - # - # If this value is increased, the activator's terminationGraceTimeSeconds - # should also be increased to prevent in-flight requests being disrupted. - max-revision-timeout-seconds: "600" # 10 minutes - - # revision-response-start-timeout-seconds contains the default number of - # seconds a request will be allowed to stay open while waiting to - # receive any bytes from the user's application, if none is specified. - # - # This defaults to 'revision-timeout-seconds' - revision-response-start-timeout-seconds: "300" - - # revision-idle-timeout-seconds contains the default number of - # seconds a request will be allowed to stay open while not receiving any - # bytes from the user's application, if none is specified. - revision-idle-timeout-seconds: "0" # infinite - - # revision-cpu-request contains the cpu allocation to assign - # to revisions by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-cpu-request. - # By default, it is not set by Knative. - revision-cpu-request: "400m" # 0.4 of a CPU (aka 400 milli-CPU) - - # revision-memory-request contains the memory allocation to assign - # to revisions by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-memory-request. - # By default, it is not set by Knative. - revision-memory-request: "100M" # 100 megabytes of memory - - # revision-ephemeral-storage-request contains the ephemeral storage - # allocation to assign to revisions by default. If omitted, no value is - # specified and the system default is used. - revision-ephemeral-storage-request: "500M" # 500 megabytes of storage - - # revision-cpu-limit contains the cpu allocation to limit - # revisions to by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-cpu-limit. - # By default, it is not set by Knative. - revision-cpu-limit: "1000m" # 1 CPU (aka 1000 milli-CPU) - - # revision-memory-limit contains the memory allocation to limit - # revisions to by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-memory-limit. - # By default, it is not set by Knative. - revision-memory-limit: "200M" # 200 megabytes of memory - - # revision-ephemeral-storage-limit contains the ephemeral storage - # allocation to limit revisions to by default. If omitted, no value is - # specified and the system default is used. - revision-ephemeral-storage-limit: "750M" # 750 megabytes of storage - - # container-name-template contains a template for the default - # container name, if none is specified. This field supports - # Go templating and is supplied with the ObjectMeta of the - # enclosing Service or Configuration, so values such as - # {{.Name}} are also valid. - container-name-template: "user-container" - - # init-container-name-template contains a template for the default - # init container name, if none is specified. This field supports - # Go templating and is supplied with the ObjectMeta of the - # enclosing Service or Configuration, so values such as - # {{.Name}} are also valid. - init-container-name-template: "init-container" - - # container-concurrency specifies the maximum number - # of requests the Container can handle at once, and requests - # above this threshold are queued. Setting a value of zero - # disables this throttling and lets through as many requests as - # the pod receives. - container-concurrency: "0" - - # The container concurrency max limit is an operator setting ensuring that - # the individual revisions cannot have arbitrary large concurrency - # values, or autoscaling targets. `container-concurrency` default setting - # must be at or below this value. - # - # Must be greater than 1. - # - # Note: even with this set, a user can choose a containerConcurrency - # of 0 (i.e. unbounded) unless allow-container-concurrency-zero is - # set to "false". - container-concurrency-max-limit: "1000" - - # allow-container-concurrency-zero controls whether users can - # specify 0 (i.e. unbounded) for containerConcurrency. - allow-container-concurrency-zero: "true" - - # enable-service-links specifies the default value used for the - # enableServiceLinks field of the PodSpec, when it is omitted by the user. - # See: https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#accessing-the-service - # - # This is a tri-state flag with possible values of (true|false|default). - # - # In environments with large number of services it is suggested - # to set this value to `false`. - # See https://github.com/knative/serving/issues/8498. - enable-service-links: "false" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-deployment - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.1" - annotations: - knative.dev/example-checksum: "dd7ee769" -data: - # This is the Go import path for the binary that is containerized - # and substituted here. - queue-sidecar-image: gcr.io/knative-releases/knative.dev/serving/cmd/queue@sha256:b87bce5143a9f7d890fdc14f00a6e50bbfaed12955f98b308bf50e33381809ec - _example: |- - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # List of repositories for which tag to digest resolving should be skipped - registries-skipping-tag-resolving: "kind.local,ko.local,dev.local" - - # Maximum time allowed for an image's digests to be resolved. - digest-resolution-timeout: "10s" - - # Duration we wait for the deployment to be ready before considering it failed. - progress-deadline: "600s" - - # Sets the queue proxy's CPU request. - # If omitted, a default value (currently "25m"), is used. - queue-sidecar-cpu-request: "25m" - - # Sets the queue proxy's CPU limit. - # If omitted, no value is specified and the system default is used. - queue-sidecar-cpu-limit: "1000m" - - # Sets the queue proxy's memory request. - # If omitted, no value is specified and the system default is used. - queue-sidecar-memory-request: "400Mi" - - # Sets the queue proxy's memory limit. - # If omitted, no value is specified and the system default is used. - queue-sidecar-memory-limit: "800Mi" - - # Sets the queue proxy's ephemeral storage request. - # If omitted, no value is specified and the system default is used. - queue-sidecar-ephemeral-storage-request: "512Mi" - - # Sets the queue proxy's ephemeral storage limit. - # If omitted, no value is specified and the system default is used. - queue-sidecar-ephemeral-storage-limit: "1024Mi" - - # The freezer service endpoint that queue-proxy calls when its traffic drops to zero or - # scales up from zero. - # - # Freezer service is available at: https://github.com/knative-sandbox/container-freezer - # or users may write their own service. - # - # The value will need to include both the host and the port that will be accessed. - # For the host, $HOST_IP can be passed, and the appropriate host IP value will be swapped - # in at runtime, which will enable the freezer daemonset to be reachable via the node IP. - # - # As an example: - # concurrency-state-endpoint: "http://$HOST_IP:9696" - # - # If not set, queue proxy takes no action (this is the default behavior). - # - # When enabled, a serviceAccountToken will be mounted to queue-proxy using - # a projected volume. This requires the Service Account Token Volume Projection feature - # to be enabled. For details, see this link: - # https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection - # - # NOTE THAT THIS IS AN EXPERIMENTAL / ALPHA FEATURE - concurrency-state-endpoint: "" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-domain - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.1" - annotations: - knative.dev/example-checksum: "26c09de5" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Default value for domain. - # Routes having the cluster domain suffix (by default 'svc.cluster.local') - # will not be exposed through Ingress. You can define your own label - # selector to assign that domain suffix to your Route here, or you can set - # the label - # "networking.knative.dev/visibility=cluster-local" - # to achieve the same effect. This shows how to make routes having - # the label app=secret only exposed to the local cluster. - svc.cluster.local: | - selector: - app: secret - - # These are example settings of domain. - # example.com will be used for all routes, but it is the least-specific rule so it - # will only be used if no other domain matches. - example.com: | - - # example.org will be used for routes having app=nonprofit. - example.org: | - selector: - app: nonprofit - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-features - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.1" - annotations: - knative.dev/example-checksum: "691a192e" -data: - _example: |- - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Indicates whether multi container support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#multi-containers - multi-container: "enabled" - - # Indicates whether Kubernetes affinity support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-node-affinity - kubernetes.podspec-affinity: "disabled" - - # Indicates whether Kubernetes topologySpreadConstraints support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-topology-spread-constraints - kubernetes.podspec-topologyspreadconstraints: "disabled" - - # Indicates whether Kubernetes hostAliases support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-host-aliases - kubernetes.podspec-hostaliases: "disabled" - - # Indicates whether Kubernetes nodeSelector support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-node-selector - kubernetes.podspec-nodeselector: "disabled" - - # Indicates whether Kubernetes tolerations support is enabled - # - # WARNING: Cannot safely be disabled once enabled - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-toleration - kubernetes.podspec-tolerations: "disabled" - - # Indicates whether Kubernetes FieldRef support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-fieldref - kubernetes.podspec-fieldref: "disabled" - - # Indicates whether Kubernetes RuntimeClassName support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-runtime-class - kubernetes.podspec-runtimeclassname: "disabled" - - # Indicates whether Kubernetes DNSPolicy support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-dnspolicy - kubernetes.podspec-dnspolicy: "disabled" - - # Indicates whether Kubernetes DNSConfig support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-dnsconfig - kubernetes.podspec-dnsconfig: "disabled" - - # This feature allows end-users to set a subset of fields on the Pod's SecurityContext - # - # When set to "enabled" or "allowed" it allows the following - # PodSecurityContext properties: - # - FSGroup - # - RunAsGroup - # - RunAsNonRoot - # - SupplementalGroups - # - RunAsUser - # - SeccompProfile - # - # This feature flag should be used with caution as the PodSecurityContext - # properties may have a side-effect on non-user sidecar containers that come - # from Knative or your service mesh - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-security-context - kubernetes.podspec-securitycontext: "disabled" - - # Indicates whether Kubernetes PriorityClassName support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-priority-class-name - kubernetes.podspec-priorityclassname: "disabled" - - # Indicates whether Kubernetes SchedulerName support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-scheduler-name - kubernetes.podspec-schedulername: "disabled" - - # This feature flag allows end-users to add a subset of capabilities on the Pod's SecurityContext. - # - # When set to "enabled" or "allowed" it allows capabilities to be added to the container. - # For a list of possible capabilities, see https://man7.org/linux/man-pages/man7/capabilities.7.html - kubernetes.containerspec-addcapabilities: "disabled" - - # This feature validates PodSpecs from the validating webhook - # against the K8s API Server. - # - # When "enabled", the server will always run the extra validation. - # When "allowed", the server will not run the dry-run validation by default. - # However, clients may enable the behavior on an individual Service by - # attaching the following metadata annotation: "features.knative.dev/podspec-dryrun":"enabled". - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-dry-run - kubernetes.podspec-dryrun: "allowed" - - # Controls whether tag header based routing feature are enabled or not. - # 1. Enabled: enabling tag header based routing - # 2. Disabled: disabling tag header based routing - # See: https://knative.dev/docs/serving/feature-flags/#tag-header-based-routing - tag-header-based-routing: "disabled" - - # Controls whether http2 auto-detection should be enabled or not. - # 1. Enabled: http2 connection will be attempted via upgrade. - # 2. Disabled: http2 connection will only be attempted when port name is set to "h2c". - autodetect-http2: "disabled" - - # Controls whether volume support for EmptyDir is enabled or not. - # 1. Enabled: enabling EmptyDir volume support - # 2. Disabled: disabling EmptyDir volume support - kubernetes.podspec-volumes-emptydir: "enabled" - - # Controls whether init containers support is enabled or not. - # 1. Enabled: enabling init containers support - # 2. Disabled: disabling init containers support - kubernetes.podspec-init-containers: "disabled" - - # Controls whether persistent volume claim support is enabled or not. - # 1. Enabled: enabling persistent volume claim support - # 2. Disabled: disabling persistent volume claim support - kubernetes.podspec-persistent-volume-claim: "disabled" - - # Controls whether write access for persistent volumes is enabled or not. - # 1. Enabled: enabling write access for persistent volumes - # 2. Disabled: disabling write access for persistent volumes - kubernetes.podspec-persistent-volume-write: "disabled" - - # Controls if the queue proxy podInfo feature is enabled, allowed or disabled - # - # This feature should be enabled/allowed when using queue proxy Options (Extensions) - # Enabling will mount a podInfo volume to the queue proxy container. - # The volume will contains an 'annotations' file (from the pod's annotation field). - # The annotations in this file include the Service annotations set by the client creating the service. - # If mounted, the annotations can be accessed by queue proxy extensions at /etc/podinfo/annnotations - # - # 1. "enabled": always mount a podInfo volume - # 2. "disabled": never mount a podInfo volume - # 3. "allowed": by default, do not mount a podInfo volume - # However, a client may mount the podInfo volume on an individual Service by attaching - # the following metadata annotation to the Service: "features.knative.dev/queueproxy-podinfo":"enabled". - # - # NOTE THAT THIS IS AN EXPERIMENTAL / ALPHA FEATURE - queueproxy.mount-podinfo: "disabled" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-gc - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.1" - annotations: - knative.dev/example-checksum: "aa3813a8" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # --------------------------------------- - # Garbage Collector Settings - # --------------------------------------- - # - # Active - # * Revisions which are referenced by a Route are considered active. - # * Individual revisions may be marked with the annotation - # "serving.knative.dev/no-gc":"true" to be permanently considered active. - # * Active revisions are not considered for GC. - # Retention - # * Revisions are retained if they are any of the following: - # 1. Active - # 2. Were created within "retain-since-create-time" - # 3. Were last referenced by a route within - # "retain-since-last-active-time" - # 4. There are fewer than "min-non-active-revisions" - # If none of these conditions are met, or if the count of revisions exceed - # "max-non-active-revisions", they will be deleted by GC. - # The special value "disabled" may be used to turn off these limits. - # - # Example config to immediately collect any inactive revision: - # min-non-active-revisions: "0" - # max-non-active-revisions: "0" - # retain-since-create-time: "disabled" - # retain-since-last-active-time: "disabled" - # - # Example config to always keep around the last ten non-active revisions: - # retain-since-create-time: "disabled" - # retain-since-last-active-time: "disabled" - # max-non-active-revisions: "10" - # - # Example config to disable all garbage collection: - # retain-since-create-time: "disabled" - # retain-since-last-active-time: "disabled" - # max-non-active-revisions: "disabled" - # - # Example config to keep recently deployed or active revisions, - # always maintain the last two in case of rollback, and prevent - # burst activity from exploding the count of old revisions: - # retain-since-create-time: "48h" - # retain-since-last-active-time: "15h" - # min-non-active-revisions: "2" - # max-non-active-revisions: "1000" - - # Duration since creation before considering a revision for GC or "disabled". - retain-since-create-time: "48h" - - # Duration since active before considering a revision for GC or "disabled". - retain-since-last-active-time: "15h" - - # Minimum number of non-active revisions to retain. - min-non-active-revisions: "20" - - # Maximum number of non-active revisions to retain - # or "disabled" to disable any maximum limit. - max-non-active-revisions: "1000" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-leader-election - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.1" - annotations: - knative.dev/example-checksum: "f4b71f57" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # lease-duration is how long non-leaders will wait to try to acquire the - # lock; 15 seconds is the value used by core kubernetes controllers. - lease-duration: "60s" - - # renew-deadline is how long a leader will try to renew the lease before - # giving up; 10 seconds is the value used by core kubernetes controllers. - renew-deadline: "40s" - - # retry-period is how long the leader election client waits between tries of - # actions; 2 seconds is the value used by core kubernetes controllers. - retry-period: "10s" - - # buckets is the number of buckets used to partition key space of each - # Reconciler. If this number is M and the replica number of the controller - # is N, the N replicas will compete for the M buckets. The owner of a - # bucket will take care of the reconciling for the keys partitioned into - # that bucket. - buckets: "1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-logging - namespace: knative-serving - labels: - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/component: logging - app.kubernetes.io/name: knative-serving - annotations: - knative.dev/example-checksum: "b0f3c6f2" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Common configuration for all Knative codebase - zap-logger-config: | - { - "level": "info", - "development": false, - "outputPaths": ["stdout"], - "errorOutputPaths": ["stderr"], - "encoding": "json", - "encoderConfig": { - "timeKey": "timestamp", - "levelKey": "severity", - "nameKey": "logger", - "callerKey": "caller", - "messageKey": "message", - "stacktraceKey": "stacktrace", - "lineEnding": "", - "levelEncoder": "", - "timeEncoder": "iso8601", - "durationEncoder": "", - "callerEncoder": "" - } - } - - # Log level overrides - # For all components except the queue proxy, - # changes are picked up immediately. - # For queue proxy, changes require recreation of the pods. - loglevel.controller: "info" - loglevel.autoscaler: "info" - loglevel.queueproxy: "info" - loglevel.webhook: "info" - loglevel.activator: "info" - loglevel.hpaautoscaler: "info" - loglevel.net-certmanager-controller: "info" - loglevel.net-istio-controller: "info" - loglevel.net-contour-controller: "info" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-network - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.1" - annotations: - knative.dev/example-checksum: "73d96d1b" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # ingress-class specifies the default ingress class - # to use when not dictated by Route annotation. - # - # If not specified, will use the Istio ingress. - # - # Note that changing the Ingress class of an existing Route - # will result in undefined behavior. Therefore it is best to only - # update this value during the setup of Knative, to avoid getting - # undefined behavior. - ingress-class: "istio.ingress.networking.knative.dev" - - # certificate-class specifies the default Certificate class - # to use when not dictated by Route annotation. - # - # If not specified, will use the Cert-Manager Certificate. - # - # Note that changing the Certificate class of an existing Route - # will result in undefined behavior. Therefore it is best to only - # update this value during the setup of Knative, to avoid getting - # undefined behavior. - certificate-class: "cert-manager.certificate.networking.knative.dev" - - # namespace-wildcard-cert-selector specifies a LabelSelector which - # determines which namespaces should have a wildcard certificate - # provisioned. - # - # Use an empty value to disable the feature (this is the default): - # namespace-wildcard-cert-selector: "" - # - # Use an empty object to enable for all namespaces - # namespace-wildcard-cert-selector: {} - # - # Useful labels include the "kubernetes.io/metadata.name" label to - # avoid provisioning a certifcate for the "kube-system" namespaces. - # Use the following selector to match pre-1.0 behavior of using - # "networking.knative.dev/disableWildcardCert" to exclude namespaces: - # - # matchExpressions: - # - key: "networking.knative.dev/disableWildcardCert" - # operator: "NotIn" - # values: ["true"] - namespace-wildcard-cert-selector: "" - - # domain-template specifies the golang text template string to use - # when constructing the Knative service's DNS name. The default - # value is "{{.Name}}.{{.Namespace}}.{{.Domain}}". - # - # Valid variables defined in the template include Name, Namespace, Domain, - # Labels, and Annotations. Name will be the result of the tagTemplate - # below, if a tag is specified for the route. - # - # Changing this value might be necessary when the extra levels in - # the domain name generated is problematic for wildcard certificates - # that only support a single level of domain name added to the - # certificate's domain. In those cases you might consider using a value - # of "{{.Name}}-{{.Namespace}}.{{.Domain}}", or removing the Namespace - # entirely from the template. When choosing a new value be thoughtful - # of the potential for conflicts - for example, when users choose to use - # characters such as `-` in their service, or namespace, names. - # {{.Annotations}} or {{.Labels}} can be used for any customization in the - # go template if needed. - # We strongly recommend keeping namespace part of the template to avoid - # domain name clashes: - # eg. '{{.Name}}-{{.Namespace}}.{{ index .Annotations "sub"}}.{{.Domain}}' - # and you have an annotation {"sub":"foo"}, then the generated template - # would be {Name}-{Namespace}.foo.{Domain} - domain-template: "{{.Name}}.{{.Namespace}}.{{.Domain}}" - - # tagTemplate specifies the golang text template string to use - # when constructing the DNS name for "tags" within the traffic blocks - # of Routes and Configuration. This is used in conjunction with the - # domainTemplate above to determine the full URL for the tag. - tag-template: "{{.Tag}}-{{.Name}}" - - # Controls whether TLS certificates are automatically provisioned and - # installed in the Knative ingress to terminate external TLS connection. - # 1. Enabled: enabling auto-TLS feature. - # 2. Disabled: disabling auto-TLS feature. - auto-tls: "Disabled" - - # Controls the behavior of the HTTP endpoint for the Knative ingress. - # It requires autoTLS to be enabled. - # 1. Enabled: The Knative ingress will be able to serve HTTP connection. - # 2. Redirected: The Knative ingress will send a 301 redirect for all - # http connections, asking the clients to use HTTPS. - # - # "Disabled" option is deprecated. - http-protocol: "Enabled" - - # rollout-duration contains the minimal duration in seconds over which the - # Configuration traffic targets are rolled out to the newest revision. - rollout-duration: "0" - - # autocreate-cluster-domain-claims controls whether ClusterDomainClaims should - # be automatically created (and deleted) as needed when DomainMappings are - # reconciled. - # - # If this is "false" (the default), the cluster administrator is - # responsible for creating ClusterDomainClaims and delegating them to - # namespaces via their spec.Namespace field. This setting should be used in - # multitenant environments which need to control which namespace can use a - # particular domain name in a domain mapping. - # - # If this is "true", users are able to associate arbitrary names with their - # services via the DomainMapping feature. - autocreate-cluster-domain-claims: "false" - - # If true, networking plugins can add additional information to deployed - # applications to make their pods directly accessible via their IPs even if mesh is - # enabled and thus direct-addressability is usually not possible. - # Consumers like Knative Serving can use this setting to adjust their behavior - # accordingly, i.e. to drop fallback solutions for non-pod-addressable systems. - # - # NOTE: This flag is in an alpha state and is mostly here to enable internal testing - # for now. Use with caution. - enable-mesh-pod-addressability: "false" - - # mesh-compatibility-mode indicates whether consumers of network plugins - # should directly contact Pod IPs (most efficient), or should use the - # Cluster IP (less efficient, needed when mesh is enabled unless - # `enable-mesh-pod-addressability`, above, is set). - # Permitted values are: - # - "auto" (default): automatically determine which mesh mode to use by trying Pod IP and falling back to Cluster IP as needed. - # - "enabled": always use Cluster IP and do not attempt to use Pod IPs. - # - "disabled": always use Pod IPs and do not fall back to Cluster IP on failure. - mesh-compatibility-mode: "auto" - - # Defines the scheme used for external URLs if autoTLS is not enabled. - # This can be used for making Knative report all URLs as "HTTPS" for example, if you're - # fronting Knative with an external loadbalancer that deals with TLS termination and - # Knative doesn't know about that otherwise. - default-external-scheme: "http" - - # internal-encryption indicates whether internal traffic is encrypted or not. - # If this is "true", the following traffic are encrypted: - # - ingress to activator - # - ingress to queue-proxy - # - activator to queue-proxy - # - # NOTE: This flag is in an alpha state and is mostly here to enable internal testing - # for now. Use with caution. - internal-encryption: "false" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: observability - app.kubernetes.io/version: "1.8.1" - annotations: - knative.dev/example-checksum: "fed4756e" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # logging.enable-var-log-collection defaults to false. - # The fluentd daemon set will be set up to collect /var/log if - # this flag is true. - logging.enable-var-log-collection: "false" - - # logging.revision-url-template provides a template to use for producing the - # logging URL that is injected into the status of each Revision. - logging.revision-url-template: "http://logging.example.com/?revisionUID=${REVISION_UID}" - - # If non-empty, this enables queue proxy writing user request logs to stdout, excluding probe - # requests. - # NB: after 0.18 release logging.enable-request-log must be explicitly set to true - # in order for request logging to be enabled. - # - # The value determines the shape of the request logs and it must be a valid go text/template. - # It is important to keep this as a single line. Multiple lines are parsed as separate entities - # by most collection agents and will split the request logs into multiple records. - # - # The following fields and functions are available to the template: - # - # Request: An http.Request (see https://golang.org/pkg/net/http/#Request) - # representing an HTTP request received by the server. - # - # Response: - # struct { - # Code int // HTTP status code (see https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml) - # Size int // An int representing the size of the response. - # Latency float64 // A float64 representing the latency of the response in seconds. - # } - # - # Revision: - # struct { - # Name string // Knative revision name - # Namespace string // Knative revision namespace - # Service string // Knative service name - # Configuration string // Knative configuration name - # PodName string // Name of the pod hosting the revision - # PodIP string // IP of the pod hosting the revision - # } - # - logging.request-log-template: '{"httpRequest": {"requestMethod": "{{.Request.Method}}", "requestUrl": "{{js .Request.RequestURI}}", "requestSize": "{{.Request.ContentLength}}", "status": {{.Response.Code}}, "responseSize": "{{.Response.Size}}", "userAgent": "{{js .Request.UserAgent}}", "remoteIp": "{{js .Request.RemoteAddr}}", "serverIp": "{{.Revision.PodIP}}", "referer": "{{js .Request.Referer}}", "latency": "{{.Response.Latency}}s", "protocol": "{{.Request.Proto}}"}, "traceId": "{{index .Request.Header "X-B3-Traceid"}}"}' - - # If true, the request logging will be enabled. - # NB: up to and including Knative version 0.18 if logging.request-log-template is non-empty, this value - # will be ignored. - logging.enable-request-log: "false" - - # If true, this enables queue proxy writing request logs for probe requests to stdout. - # It uses the same template for user requests, i.e. logging.request-log-template. - logging.enable-probe-request-log: "false" - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or opencensus. - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. It enables queue proxy to send request metrics. - # Currently supported values: prometheus (the default), opencensus. - metrics.request-metrics-backend-destination: prometheus - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Serving pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: tracing - app.kubernetes.io/version: "1.8.1" - annotations: - knative.dev/example-checksum: "26614636" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none" (default) - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: activator - namespace: knative-serving - labels: - app.kubernetes.io/component: activator - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" -spec: - minReplicas: 1 - maxReplicas: 20 - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: activator - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - # Percentage of the requested CPU - averageUtilization: 100 ---- -# Activator PDB. Currently we permit unavailability of 20% of tasks at the same time. -# Given the subsetting and that the activators are partially stateful systems, we want -# a slow rollout of the new versions and slow migration during node upgrades. -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: activator-pdb - namespace: knative-serving - labels: - app.kubernetes.io/component: activator - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" -spec: - minAvailable: 80% - selector: - matchLabels: - app: activator - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: activator - namespace: knative-serving - labels: - app.kubernetes.io/component: activator - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-serving -spec: - selector: - matchLabels: - app: activator - role: activator - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: activator - role: activator - app.kubernetes.io/component: activator - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - spec: - serviceAccountName: controller - containers: - - name: activator - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/activator@sha256:d7f05e8bae04b1a55ab2f44735b974aa5bdcbd277f5f6f6fad6cc47864c3716f - # The numbers are based on performance test results from - # https://github.com/knative/serving/issues/1625#issuecomment-511930023 - resources: - requests: - cpu: 300m - memory: 60Mi - limits: - cpu: 1000m - memory: 600Mi - env: - # Run Activator with GC collection when newly generated memory is 500%. - - name: GOGC - value: "500" - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/internal/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: http1 - containerPort: 8012 - - name: h2c - containerPort: 8013 - readinessProbe: - httpGet: - port: 8012 - httpHeaders: - - name: k-kubelet-probe - value: "activator" - periodSeconds: 5 - failureThreshold: 5 - livenessProbe: - httpGet: - port: 8012 - httpHeaders: - - name: k-kubelet-probe - value: "activator" - periodSeconds: 10 - failureThreshold: 12 - initialDelaySeconds: 15 - # The activator (often) sits on the dataplane, and may proxy long (e.g. - # streaming, websockets) requests. We give a long grace period for the - # activator to "lame duck" and drain outstanding requests before we - # forcibly terminate the pod (and outstanding connections). This value - # should be at least as large as the upper bound on the Revision's - # timeoutSeconds property to avoid servicing events disrupting - # connections. - terminationGracePeriodSeconds: 600 ---- -apiVersion: v1 -kind: Service -metadata: - name: activator-service - namespace: knative-serving - labels: - app: activator - app.kubernetes.io/component: activator - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-serving -spec: - selector: - app: activator - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: http - port: 80 - targetPort: 8012 - - name: http2 - port: 81 - targetPort: 8013 - - name: https - port: 443 - targetPort: 8112 - type: ClusterIP - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: autoscaler - namespace: knative-serving - labels: - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" -spec: - replicas: 1 - selector: - matchLabels: - app: autoscaler - strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 0 - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: autoscaler - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: autoscaler - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: autoscaler - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/autoscaler@sha256:a432d1275e1e861fa03fa3b0dd5c524875993730ee06f2e51990d5d560c4a794 - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 1000m - memory: 1000Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: websocket - containerPort: 8080 - readinessProbe: - httpGet: - port: 8080 - httpHeaders: - - name: k-kubelet-probe - value: "autoscaler" - livenessProbe: - httpGet: - port: 8080 - httpHeaders: - - name: k-kubelet-probe - value: "autoscaler" - failureThreshold: 6 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: autoscaler - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - name: autoscaler - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: http - port: 8080 - targetPort: 8080 - selector: - app: autoscaler - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: controller - namespace: knative-serving - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" -spec: - selector: - matchLabels: - app: controller - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - labels: - app: controller - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: controller - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/controller@sha256:9102224b906b702c2875a0360dbec1f073db0809faada35ffd15d1593f67552b - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 1000m - memory: 1000Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/internal/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: controller - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - name: controller - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - selector: - app: controller - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: domain-mapping - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" -spec: - selector: - matchLabels: - app: domain-mapping - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - labels: - app: domain-mapping - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: domain-mapping - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: domain-mapping - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/domain-mapping@sha256:35633cb04a19f542a43b2dfd45609addec451d634372c1ee15c9ecb6a204bba4 - resources: - requests: - cpu: 30m - memory: 40Mi - limits: - cpu: 300m - memory: 400Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: domainmapping-webhook - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" -spec: - selector: - matchLabels: - app: domainmapping-webhook - role: domainmapping-webhook - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: domainmapping-webhook - role: domainmapping-webhook - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: domainmapping-webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: domainmapping-webhook - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/domain-mapping-webhook@sha256:58951c139612c9b88c70f2fa19f7493b830d79725e5444ad4ef198e6ec5d7263 - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 500m - memory: 500Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: WEBHOOK_PORT - value: "8443" - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - failureThreshold: 6 - initialDelaySeconds: 20 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - role: domainmapping-webhook - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - name: domainmapping-webhook - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: domainmapping-webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2beta2 -kind: HorizontalPodAutoscaler -metadata: - name: webhook - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" -spec: - minReplicas: 1 - maxReplicas: 5 - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: webhook - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - # Percentage of the requested CPU - averageUtilization: 100 ---- -# Webhook PDB. -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: webhook-pdb - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" -spec: - minAvailable: 80% - selector: - matchLabels: - app: webhook - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: webhook - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-serving -spec: - selector: - matchLabels: - app: webhook - role: webhook - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: webhook - role: webhook - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-serving - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: webhook - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/webhook@sha256:0adee6d52bbb6155f90429924643f48fc95b307f7a98aa929075ec29390fcec8 - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 500m - memory: 500Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: WEBHOOK_NAME - value: webhook - - name: WEBHOOK_PORT - value: "8443" - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/internal/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - failureThreshold: 6 - initialDelaySeconds: 20 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - role: webhook - app.kubernetes.io/component: webhook - app.kubernetes.io/version: "1.8.1" - app.kubernetes.io/name: knative-serving - name: webhook - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: config.webhook.serving.knative.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: config.webhook.serving.knative.dev - objectSelector: - matchExpressions: - - key: app.kubernetes.io/name - operator: In - values: ["knative-serving"] - - key: app.kubernetes.io/component - operator: In - values: ["autoscaler", "controller", "logging", "networking", "observability", "tracing"] - timeoutSeconds: 10 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.serving.knative.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: webhook.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - autoscaling.internal.knative.dev - - networking.internal.knative.dev - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - scope: "*" - resources: - - metrics - - podautoscalers - - certificates - - ingresses - - serverlessservices - - configurations - - revisions - - routes - - services - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.domainmapping.serving.knative.dev - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: domainmapping-webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: webhook.domainmapping.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - scope: "*" - resources: - - domainmappings - - domainmappings/status - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: domainmapping-webhook-certs - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" -# The data is populated at install time. - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.domainmapping.serving.knative.dev - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: domainmapping-webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: validation.webhook.domainmapping.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - - DELETE - scope: "*" - resources: - - domainmappings - - domainmappings/status - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.serving.knative.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: validation.webhook.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - autoscaling.internal.knative.dev - - networking.internal.knative.dev - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - - DELETE - scope: "*" - resources: - - metrics - - podautoscalers - - certificates - - ingresses - - serverlessservices - - configurations - - revisions - - routes - - services - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: webhook-certs - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" -# The data is populated at install time. - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.1/3-serving-hpa.yaml b/cmd/operator/kodata/knative-serving/1.8.1/3-serving-hpa.yaml deleted file mode 100644 index b0d5c7a734..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.1/3-serving-hpa.yaml +++ /dev/null @@ -1,112 +0,0 @@ -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: autoscaler-hpa - namespace: knative-serving - labels: - autoscaling.knative.dev/autoscaler-provider: hpa - app.kubernetes.io/component: autoscaler-hpa - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" -spec: - selector: - matchLabels: - app: autoscaler-hpa - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - labels: - app: autoscaler-hpa - app.kubernetes.io/component: autoscaler-hpa - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: autoscaler-hpa - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: autoscaler-hpa - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/autoscaler-hpa@sha256:5623d64bc19e2813b94d8bea44c065924ef3c63f08bdc79847788beeb5f8b527 - resources: - requests: - cpu: 30m - memory: 40Mi - limits: - cpu: 300m - memory: 400Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: autoscaler-hpa - autoscaling.knative.dev/autoscaler-provider: hpa - app.kubernetes.io/component: autoscaler-hpa - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.1" - name: autoscaler-hpa - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - selector: - app: autoscaler-hpa - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.1/4-serving-post-install-jobs.yaml b/cmd/operator/kodata/knative-serving/1.8.1/4-serving-post-install-jobs.yaml deleted file mode 100644 index a59df9912e..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.1/4-serving-post-install-jobs.yaml +++ /dev/null @@ -1,70 +0,0 @@ - ---- -# /tmp/knative.K0hlPAYp/tmp.d4GfhdNSAJ/serving-storage-version-migration.yaml -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: batch/v1 -kind: Job -metadata: - generateName: storage-version-migration-serving- - namespace: knative-serving - labels: - app: storage-version-migration-serving - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.1" -spec: - ttlSecondsAfterFinished: 600 - backoffLimit: 10 - template: - metadata: - annotations: - sidecar.istio.io/inject: "false" - labels: - app: storage-version-migration-serving - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.1" - spec: - serviceAccountName: controller - restartPolicy: OnFailure - containers: - - name: migrate - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:b6a9bb1c500669410d1ec2fef88af0de011375e619c335973a2894f109135858 - args: - - "services.serving.knative.dev" - - "configurations.serving.knative.dev" - - "revisions.serving.knative.dev" - - "routes.serving.knative.dev" - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 1000m - memory: 1000Mi - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.2/2-serving-core.yaml b/cmd/operator/kodata/knative-serving/1.8.2/2-serving-core.yaml deleted file mode 100644 index 0af1bbe46e..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.2/2-serving-core.yaml +++ /dev/null @@ -1,6917 +0,0 @@ -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Namespace -metadata: - name: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "Addressables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - # Named like this to avoid clashing with eventing's existing `addressable-resolver` role - # (which should be identical, but isn't guaranteed to be installed alongside serving). - name: knative-serving-aggregated-addressable-resolver - labels: - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-serving -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/addressable: "true" ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-addressable-resolver - labels: - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-serving - # Labeled to facilitate aggregated cluster roles that act on Addressables. - duck.knative.dev/addressable: "true" -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - serving.knative.dev - resources: - - routes - - routes/status - - services - - services/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-namespaced-admin - labels: - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: ["serving.knative.dev"] - resources: ["*"] - verbs: ["*"] - - apiGroups: ["networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-namespaced-edit - labels: - rbac.authorization.k8s.io/aggregate-to-edit: "true" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: ["serving.knative.dev"] - resources: ["*"] - verbs: ["create", "update", "patch", "delete"] - - apiGroups: ["networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-namespaced-view - labels: - rbac.authorization.k8s.io/aggregate-to-view: "true" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: ["serving.knative.dev", "networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-core - labels: - serving.knative.dev/controller: "true" - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: [""] - resources: ["pods", "namespaces", "secrets", "configmaps", "endpoints", "services", "events", "serviceaccounts"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: [""] - resources: ["endpoints/restricted"] # Permission for RestrictedEndpointsAdmission - verbs: ["create"] - - apiGroups: [""] - resources: ["namespaces/finalizers"] # finalizers are needed for the owner reference of the webhook - verbs: ["update"] - - apiGroups: ["apps"] - resources: ["deployments", "deployments/finalizers"] # finalizers are needed for the owner reference of the webhook - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["admissionregistration.k8s.io"] - resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions", "customresourcedefinitions/status"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["autoscaling"] - resources: ["horizontalpodautoscalers"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["serving.knative.dev", "autoscaling.internal.knative.dev", "networking.internal.knative.dev"] - resources: ["*", "*/status", "*/finalizers"] - verbs: ["get", "list", "create", "update", "delete", "deletecollection", "patch", "watch"] - - apiGroups: ["caching.internal.knative.dev"] - resources: ["images"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-podspecable-binding - labels: - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-serving - # Labeled to facilitate aggregated cluster roles that act on PodSpecables. - duck.knative.dev/podspecable: "true" -# Do not use this role directly. These rules will be added to the "podspecable-binder" role. -rules: - - apiGroups: - - serving.knative.dev - resources: - - configurations - - services - verbs: - - list - - watch - - patch - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: controller - namespace: knative-serving - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-admin - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" -aggregationRule: - clusterRoleSelectors: - - matchLabels: - serving.knative.dev/controller: "true" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-serving-controller-admin - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" -subjects: - - kind: ServiceAccount - name: controller - namespace: knative-serving -roleRef: - kind: ClusterRole - name: knative-serving-admin - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-serving-controller-addressable-resolver - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" -subjects: - - kind: ServiceAccount - name: controller - namespace: knative-serving -roleRef: - kind: ClusterRole - name: knative-serving-aggregated-addressable-resolver - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: images.caching.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" - knative.dev/crd-install: "true" -spec: - group: caching.internal.knative.dev - names: - kind: Image - plural: images - singular: image - categories: - - knative-internal - - caching - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Image is a Knative abstraction that encapsulates the interface by which Knative components express a desire to have a particular image cached. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Image (from the client). - type: object - required: - - image - properties: - image: - description: Image is the name of the container image url to cache across the cluster. - type: string - imagePullSecrets: - description: ImagePullSecrets contains the names of the Kubernetes Secrets containing login information used by the Pods which will run this container. - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount as which the Pods will run this container. This is potentially used to authenticate the image pull if the service account has attached pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' - type: string - status: - description: Status communicates the observed state of the Image (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Image - type: string - jsonPath: .spec.image - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: certificates.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.2" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Certificate is responsible for provisioning a SSL certificate for the given hosts. It is a Knative abstraction for various SSL certificate provisioning solutions (such as cert-manager or self-signed SSL certificate). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - dnsNames - - secretName - properties: - dnsNames: - description: DNSNames is a list of DNS names the Certificate could support. The wildcard format of DNSNames (e.g. *.default.example.com) is supported. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret resource to store the SSL certificate in. - type: string - status: - description: 'Status is the current state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - http01Challenges: - description: HTTP01Challenges is a list of HTTP01 challenges that need to be fulfilled in order to get the TLS certificate.. - type: array - items: - description: HTTP01Challenge defines the status of a HTTP01 challenge that a certificate needs to fulfill. - type: object - properties: - serviceName: - description: ServiceName is the name of the service to serve HTTP01 challenge requests. - type: string - serviceNamespace: - description: ServiceNamespace is the namespace of the service to serve HTTP01 challenge requests. - type: string - servicePort: - description: ServicePort is the port of the service to serve HTTP01 challenge requests. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - url: - description: URL is the URL that the HTTP01 challenge is expected to serve on. - type: string - notAfter: - description: The expiration time of the TLS certificate stored in the secret named by this resource in spec.secretName. - type: string - format: date-time - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Certificate - plural: certificates - singular: certificate - categories: - - knative-internal - - networking - shortNames: - - kcert - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: configurations.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" - knative.dev/crd-install: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Configuration - plural: configurations - singular: configuration - categories: - - all - - knative - - serving - shortNames: - - config - - cfg - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Configuration represents the "floating HEAD" of a linear history of Revisions. Users create new Revisions by updating the Configuration''s spec. The "latest created" revision''s name is available under status, as is the "latest ready" revision''s name. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#configuration' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ConfigurationSpec holds the desired state of the Configuration (from the client). - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: ConfigurationStatus communicates the observed state of the Configuration (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusterdomainclaims.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.2" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: ClusterDomainClaim is a cluster-wide reservation for a particular domain name. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ClusterDomainClaim. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - namespace - properties: - namespace: - description: Namespace is the namespace which is allowed to create a DomainMapping using this ClusterDomainClaim's name. - type: string - names: - kind: ClusterDomainClaim - plural: clusterdomainclaims - singular: clusterdomainclaim - categories: - - knative-internal - - networking - shortNames: - - cdc - scope: Cluster - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: domainmappings.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - versions: - - name: v1beta1 - served: true - storage: false - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - "schema": - "openAPIV3Schema": - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: DomainMapping - plural: domainmappings - singular: domainmapping - categories: - - all - - knative - - serving - shortNames: - - dm - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: ingresses.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.2" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable URLs, load balance traffic, offer name based virtual hosting, etc. \n This is heavily based on K8s Ingress https://godoc.org/k8s.io/api/networking/v1beta1#Ingress which some highlighted modifications." - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - httpOption: - description: 'HTTPOption is the option of HTTP. It has the following two values: `HTTPOptionEnabled`, `HTTPOptionRedirected`' - type: string - rules: - description: A list of host rules used to configure the Ingress. - type: array - items: - description: IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue. - type: object - properties: - hosts: - description: 'Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the "host" part of the URI as defined in the RFC: 1. IPs are not allowed. Currently a rule value can only apply to the IP in the Spec of the parent . 2. The `:` delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue. If multiple matching Hosts were provided, the first rule will take precedent.' - type: array - items: - type: string - http: - description: HTTP represents a rule to apply against incoming requests. If the rule is satisfied, the request is routed to the specified backend. - type: object - required: - - paths - properties: - paths: - description: "A collection of paths that map requests to backends. \n If they are multiple matching paths, the first match takes precedence." - type: array - items: - description: HTTPIngressPath associates a path regex with a backend. Incoming URLs matching the path are forwarded to the backend. - type: object - required: - - splits - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - headers: - description: Headers defines header matching rules which is a map from a header name to HeaderMatch which specify a matching condition. When a request matched with all the header matching rules, the request is routed by the corresponding ingress rule. If it is empty, the headers are not used for matching - type: object - additionalProperties: - description: HeaderMatch represents a matching value of Headers in HTTPIngressPath. Currently, only the exact matching is supported. - type: object - required: - - exact - properties: - exact: - type: string - path: - description: Path represents a literal prefix to which this rule should apply. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a '/'. If unspecified, the path defaults to a catch all sending traffic to the backend. - type: string - rewriteHost: - description: "RewriteHost rewrites the incoming request's host header. \n This field is currently experimental and not supported by all Ingress implementations." - type: string - splits: - description: Splits defines the referenced service endpoints to which the traffic will be forwarded to. - type: array - items: - description: IngressBackendSplit describes all endpoints for a given service and port. - type: object - required: - - serviceName - - serviceNamespace - - servicePort - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - percent: - description: "Specifies the split percentage, a number between 0 and 100. If only one split is specified, we default to 100. \n NOTE: This differs from K8s Ingress to allow percentage split." - type: integer - serviceName: - description: Specifies the name of the referenced service. - type: string - serviceNamespace: - description: "Specifies the namespace of the referenced service. \n NOTE: This differs from K8s Ingress to allow routing to different namespaces." - type: string - servicePort: - description: Specifies the port of the referenced service. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - visibility: - description: Visibility signifies whether this rule should `ClusterLocal`. If it's not specified then it defaults to `ExternalIP`. - type: string - tls: - description: 'TLS configuration. Currently Ingress only supports a single TLS port: 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.' - type: array - items: - description: IngressTLS describes the transport layer security associated with an Ingress. - type: object - properties: - hosts: - description: Hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret used to terminate SSL traffic. - type: string - secretNamespace: - description: SecretNamespace is the namespace of the secret used to terminate SSL traffic. If not set the namespace should be assumed to be the same as the Ingress. If set the secret should have the same namespace as the Ingress otherwise the behaviour is undefined and not supported. - type: string - status: - description: 'Status is the current state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateLoadBalancer: - description: PrivateLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - publicLoadBalancer: - description: PublicLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: Ingress - plural: ingresses - singular: ingress - categories: - - knative-internal - - networking - shortNames: - - kingress - - king - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: metrics.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: Metric - plural: metrics - singular: metric - categories: - - knative-internal - - autoscaling - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: Metric represents a resource to configure the metric collector with. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Metric (from the client). - type: object - required: - - panicWindow - - scrapeTarget - - stableWindow - properties: - panicWindow: - description: PanicWindow is the aggregation window for metrics where quick reactions are needed. - type: integer - format: int64 - scrapeTarget: - description: ScrapeTarget is the K8s service that publishes the metric endpoint. - type: string - stableWindow: - description: StableWindow is the aggregation window for metrics in a stable state. - type: integer - format: int64 - status: - description: Status communicates the observed state of the Metric (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: podautoscalers.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: PodAutoscaler - plural: podautoscalers - singular: podautoscaler - categories: - - knative-internal - - autoscaling - shortNames: - - kpa - - pa - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: DesiredScale - type: integer - jsonPath: ".status.desiredScale" - - name: ActualScale - type: integer - jsonPath: ".status.actualScale" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'PodAutoscaler is a Knative abstraction that encapsulates the interface by which Knative components instantiate autoscalers. This definition is an abstraction that may be backed by multiple definitions. For more information, see the Knative Pluggability presentation: https://docs.google.com/presentation/d/19vW9HFZ6Puxt31biNZF3uLRejDmu82rxJIk1cWmxF7w/edit' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the PodAutoscaler (from the client). - type: object - required: - - protocolType - - scaleTargetRef - properties: - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means unlimited concurrency. - type: integer - format: int64 - protocolType: - description: The application-layer protocol. Matches `ProtocolType` inferred from the revision spec. - type: string - reachability: - description: Reachability specifies whether or not the `ScaleTargetRef` can be reached (ie. has a route). Defaults to `ReachabilityUnknown` - type: string - scaleTargetRef: - description: ScaleTargetRef defines the /scale-able resource that this PodAutoscaler is responsible for quickly right-sizing. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-map-type: atomic - status: - description: Status communicates the observed state of the PodAutoscaler (from the controller). - type: object - required: - - metricsServiceName - - serviceName - properties: - actualScale: - description: ActualScale shows the actual number of replicas for the revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - desiredScale: - description: DesiredScale shows the current desired number of replicas for the revision. - type: integer - format: int32 - metricsServiceName: - description: MetricsServiceName is the K8s Service name that provides revision metrics. The service is managed by the PA object. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - serviceName: - description: ServiceName is the K8s Service name that serves the revision, scaled by this PA. The service is created and owned by the ServerlessService object owned by this PA. - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: revisions.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - names: - kind: Revision - plural: revisions - singular: revision - categories: - - all - - knative - - serving - shortNames: - - rev - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Config Name - type: string - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configuration']" - - name: K8s Service Name - type: string - jsonPath: ".status.serviceName" - - name: Generation - type: string # int in string form :( - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configurationGeneration']" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - name: Actual Replicas - type: integer - jsonPath: ".status.actualReplicas" - - name: Desired Replicas - type: integer - jsonPath: ".status.desiredReplicas" - schema: - openAPIV3Schema: - description: "Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#revision" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: RevisionStatus communicates the observed state of the Revision (from the controller). - type: object - properties: - actualReplicas: - description: ActualReplicas reflects the amount of ready pods running this revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - containerStatuses: - description: 'ContainerStatuses is a slice of images present in .Spec.Container[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - desiredReplicas: - description: DesiredReplicas reflects the desired amount of pods running this revision. - type: integer - format: int32 - initContainerStatuses: - description: 'InitContainerStatuses is a slice of images present in .Spec.InitContainer[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - logUrl: - description: LogURL specifies the generated logging url for this particular revision based on the revision url template specified in the controller's config. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: routes.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" -spec: - group: serving.knative.dev - names: - kind: Route - plural: routes - singular: route - categories: - - all - - knative - - serving - shortNames: - - rt - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready revision" changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#route' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Route (from the client). - type: object - properties: - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: Status communicates the observed state of the Route (from the controller). - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: serverlessservices.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.2" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ServerlessService is a proxy for the K8s service objects containing the endpoints for the revision, whether those are endpoints of the activator or revision pods. See: https://knative.page.link/naxz for details.' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - objectRef - - protocolType - properties: - mode: - description: Mode describes the mode of operation of the ServerlessService. - type: string - numActivators: - description: NumActivators contains number of Activators that this revision should be assigned. O means — assign all. - type: integer - format: int32 - objectRef: - description: ObjectRef defines the resource that this ServerlessService is responsible for making "serverless". - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - x-kubernetes-map-type: atomic - protocolType: - description: The application-layer protocol. Matches `RevisionProtocolType` set on the owning pa/revision. serving imports networking, so just use string. - type: string - status: - description: 'Status is the current state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateServiceName: - description: PrivateServiceName holds the name of a core K8s Service resource that load balances over the user service pods backing this Revision. - type: string - serviceName: - description: ServiceName holds the name of a core K8s Service resource that load balances over the pods backing this Revision (activator or revision). - type: string - additionalPrinterColumns: - - name: Mode - type: string - jsonPath: ".spec.mode" - - name: Activators - type: integer - jsonPath: ".spec.numActivators" - - name: ServiceName - type: string - jsonPath: ".status.serviceName" - - name: PrivateServiceName - type: string - jsonPath: ".status.privateServiceName" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: ServerlessService - plural: serverlessservices - singular: serverlessservice - categories: - - knative-internal - - networking - shortNames: - - sks - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: services.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Service - plural: services - singular: service - categories: - - all - - knative - - serving - shortNames: - - kservice - - ksvc - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: "Service acts as a top-level container that manages a Route and Configuration which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets), and its usage is optional but recommended. \n The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceSpec represents the configuration for the Service object. A Service's specification is the union of the specifications for a Route and Configuration. The Service restricts what can be expressed in these fields, e.g. the Route must reference the provided Configuration; however, these limitations also enable friendlier defaulting, e.g. Route never needs a Configuration name, and may be defaulted to the appropriate "run latest" spec. - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: ServiceStatus represents the Status stanza of the Service resource. - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2022 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - # Do not drop -ctrl-ca suffix as control-protocol requires it. - # https://github.com/knative-sandbox/control-protocol/blob/main/pkg/certificates/reconciler/controller.go - name: serving-certs-ctrl-ca - namespace: knative-serving - -# The data is populated when internal-encryption is enabled. ---- -apiVersion: v1 -kind: Secret -metadata: - name: knative-serving-certs - namespace: knative-serving - labels: - serving-certs-ctrl: "data-plane" - networking.internal.knative.dev/certificate-uid: "serving-certs" -# The data is populated when internal-encryption is enabled. - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: caching.internal.knative.dev/v1alpha1 -kind: Image -metadata: - name: queue-proxy - namespace: knative-serving - labels: - app.kubernetes.io/component: queue-proxy - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" -spec: - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/queue@sha256:5d5d3657f9bb02e66cfa3e9c2b3a4451577fc8d3234684cd16a0642af71d5522 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-autoscaler - namespace: knative-serving - labels: - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" - annotations: - knative.dev/example-checksum: "47c2487f" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # The Revision ContainerConcurrency field specifies the maximum number - # of requests the Container can handle at once. Container concurrency - # target percentage is how much of that maximum to use in a stable - # state. E.g. if a Revision specifies ContainerConcurrency of 10, then - # the Autoscaler will try to maintain 7 concurrent connections per pod - # on average. - # Note: this limit will be applied to container concurrency set at every - # level (ConfigMap, Revision Spec or Annotation). - # For legacy and backwards compatibility reasons, this value also accepts - # fractional values in (0, 1] interval (i.e. 0.7 ⇒ 70%). - # Thus minimal percentage value must be greater than 1.0, or it will be - # treated as a fraction. - # NOTE: that this value does not affect actual number of concurrent requests - # the user container may receive, but only the average number of requests - # that the revision pods will receive. - container-concurrency-target-percentage: "70" - - # The container concurrency target default is what the Autoscaler will - # try to maintain when concurrency is used as the scaling metric for the - # Revision and the Revision specifies unlimited concurrency. - # When revision explicitly specifies container concurrency, that value - # will be used as a scaling target for autoscaler. - # When specifying unlimited concurrency, the autoscaler will - # horizontally scale the application based on this target concurrency. - # This is what we call "soft limit" in the documentation, i.e. it only - # affects number of pods and does not affect the number of requests - # individual pod processes. - # The value must be a positive number such that the value multiplied - # by container-concurrency-target-percentage is greater than 0.01. - # NOTE: that this value will be adjusted by application of - # container-concurrency-target-percentage, i.e. by default - # the system will target on average 70 concurrent requests - # per revision pod. - # NOTE: Only one metric can be used for autoscaling a Revision. - container-concurrency-target-default: "100" - - # The requests per second (RPS) target default is what the Autoscaler will - # try to maintain when RPS is used as the scaling metric for a Revision and - # the Revision specifies unlimited RPS. Even when specifying unlimited RPS, - # the autoscaler will horizontally scale the application based on this - # target RPS. - # Must be greater than 1.0. - # NOTE: Only one metric can be used for autoscaling a Revision. - requests-per-second-target-default: "200" - - # The target burst capacity specifies the size of burst in concurrent - # requests that the system operator expects the system will receive. - # Autoscaler will try to protect the system from queueing by introducing - # Activator in the request path if the current spare capacity of the - # service is less than this setting. - # If this setting is 0, then Activator will be in the request path only - # when the revision is scaled to 0. - # If this setting is > 0 and container-concurrency-target-percentage is - # 100% or 1.0, then activator will always be in the request path. - # -1 denotes unlimited target-burst-capacity and activator will always - # be in the request path. - # Other negative values are invalid. - target-burst-capacity: "211" - - # When operating in a stable mode, the autoscaler operates on the - # average concurrency over the stable window. - # Stable window must be in whole seconds. - stable-window: "60s" - - # When observed average concurrency during the panic window reaches - # panic-threshold-percentage the target concurrency, the autoscaler - # enters panic mode. When operating in panic mode, the autoscaler - # scales on the average concurrency over the panic window which is - # panic-window-percentage of the stable-window. - # Must be in the [1, 100] range. - # When computing the panic window it will be rounded to the closest - # whole second, at least 1s. - panic-window-percentage: "10.0" - - # The percentage of the container concurrency target at which to - # enter panic mode when reached within the panic window. - panic-threshold-percentage: "200.0" - - # Max scale up rate limits the rate at which the autoscaler will - # increase pod count. It is the maximum ratio of desired pods versus - # observed pods. - # Cannot be less or equal to 1. - # I.e with value of 2.0 the number of pods can at most go N to 2N - # over single Autoscaler period (2s), but at least N to - # N+1, if Autoscaler needs to scale up. - max-scale-up-rate: "1000.0" - - # Max scale down rate limits the rate at which the autoscaler will - # decrease pod count. It is the maximum ratio of observed pods versus - # desired pods. - # Cannot be less or equal to 1. - # I.e. with value of 2.0 the number of pods can at most go N to N/2 - # over single Autoscaler evaluation period (2s), but at - # least N to N-1, if Autoscaler needs to scale down. - max-scale-down-rate: "2.0" - - # Scale to zero feature flag. - enable-scale-to-zero: "true" - - # Scale to zero grace period is the time an inactive revision is left - # running before it is scaled to zero (must be positive, but recommended - # at least a few seconds if running with mesh networking). - # This is the upper limit and is provided not to enforce timeout after - # the revision stopped receiving requests for stable window, but to - # ensure network reprogramming to put activator in the path has completed. - # If the system determines that a shorter period is satisfactory, - # then the system will only wait that amount of time before scaling to 0. - # NOTE: this period might actually be 0, if activator has been - # in the request path sufficiently long. - # If there is necessity for the last pod to linger longer use - # scale-to-zero-pod-retention-period flag. - scale-to-zero-grace-period: "30s" - - # Scale to zero pod retention period defines the minimum amount - # of time the last pod will remain after Autoscaler has decided to - # scale to zero. - # This flag is for the situations where the pod startup is very expensive - # and the traffic is bursty (requiring smaller windows for fast action), - # but patchy. - # The larger of this flag and `scale-to-zero-grace-period` will effectively - # determine how the last pod will hang around. - scale-to-zero-pod-retention-period: "0s" - - # pod-autoscaler-class specifies the default pod autoscaler class - # that should be used if none is specified. If omitted, - # the Knative Pod Autoscaler (KPA) is used by default. - pod-autoscaler-class: "kpa.autoscaling.knative.dev" - - # The capacity of a single activator task. - # The `unit` is one concurrent request proxied by the activator. - # activator-capacity must be at least 1. - # This value is used for computation of the Activator subset size. - # See the algorithm here: http://bit.ly/38XiCZ3. - # TODO(vagababov): tune after actual benchmarking. - activator-capacity: "100.0" - - # initial-scale is the cluster-wide default value for the initial target - # scale of a revision after creation, unless overridden by the - # "autoscaling.knative.dev/initialScale" annotation. - # This value must be greater than 0 unless allow-zero-initial-scale is true. - initial-scale: "1" - - # allow-zero-initial-scale controls whether either the cluster-wide initial-scale flag, - # or the "autoscaling.knative.dev/initialScale" annotation, can be set to 0. - allow-zero-initial-scale: "false" - - # min-scale is the cluster-wide default value for the min scale of a revision, - # unless overridden by the "autoscaling.knative.dev/minScale" annotation. - min-scale: "0" - - # max-scale is the cluster-wide default value for the max scale of a revision, - # unless overridden by the "autoscaling.knative.dev/maxScale" annotation. - # If set to 0, the revision has no maximum scale. - max-scale: "0" - - # scale-down-delay is the amount of time that must pass at reduced - # concurrency before a scale down decision is applied. This can be useful, - # for example, to maintain replica count and avoid a cold start penalty if - # more requests come in within the scale down delay period. - # The default, 0s, imposes no delay at all. - scale-down-delay: "0s" - - # max-scale-limit sets the maximum permitted value for the max scale of a revision. - # When this is set to a positive value, a revision with a maxScale above that value - # (including a maxScale of "0" = unlimited) is disallowed. - # A value of zero (the default) allows any limit, including unlimited. - max-scale-limit: "0" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-defaults - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.2" - annotations: - knative.dev/example-checksum: "e7973912" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # revision-timeout-seconds contains the default number of - # seconds to use for the revision's per-request timeout, if - # none is specified. - revision-timeout-seconds: "300" # 5 minutes - - # max-revision-timeout-seconds contains the maximum number of - # seconds that can be used for revision-timeout-seconds. - # This value must be greater than or equal to revision-timeout-seconds. - # If omitted, the system default is used (600 seconds). - # - # If this value is increased, the activator's terminationGraceTimeSeconds - # should also be increased to prevent in-flight requests being disrupted. - max-revision-timeout-seconds: "600" # 10 minutes - - # revision-response-start-timeout-seconds contains the default number of - # seconds a request will be allowed to stay open while waiting to - # receive any bytes from the user's application, if none is specified. - # - # This defaults to 'revision-timeout-seconds' - revision-response-start-timeout-seconds: "300" - - # revision-idle-timeout-seconds contains the default number of - # seconds a request will be allowed to stay open while not receiving any - # bytes from the user's application, if none is specified. - revision-idle-timeout-seconds: "0" # infinite - - # revision-cpu-request contains the cpu allocation to assign - # to revisions by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-cpu-request. - # By default, it is not set by Knative. - revision-cpu-request: "400m" # 0.4 of a CPU (aka 400 milli-CPU) - - # revision-memory-request contains the memory allocation to assign - # to revisions by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-memory-request. - # By default, it is not set by Knative. - revision-memory-request: "100M" # 100 megabytes of memory - - # revision-ephemeral-storage-request contains the ephemeral storage - # allocation to assign to revisions by default. If omitted, no value is - # specified and the system default is used. - revision-ephemeral-storage-request: "500M" # 500 megabytes of storage - - # revision-cpu-limit contains the cpu allocation to limit - # revisions to by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-cpu-limit. - # By default, it is not set by Knative. - revision-cpu-limit: "1000m" # 1 CPU (aka 1000 milli-CPU) - - # revision-memory-limit contains the memory allocation to limit - # revisions to by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-memory-limit. - # By default, it is not set by Knative. - revision-memory-limit: "200M" # 200 megabytes of memory - - # revision-ephemeral-storage-limit contains the ephemeral storage - # allocation to limit revisions to by default. If omitted, no value is - # specified and the system default is used. - revision-ephemeral-storage-limit: "750M" # 750 megabytes of storage - - # container-name-template contains a template for the default - # container name, if none is specified. This field supports - # Go templating and is supplied with the ObjectMeta of the - # enclosing Service or Configuration, so values such as - # {{.Name}} are also valid. - container-name-template: "user-container" - - # init-container-name-template contains a template for the default - # init container name, if none is specified. This field supports - # Go templating and is supplied with the ObjectMeta of the - # enclosing Service or Configuration, so values such as - # {{.Name}} are also valid. - init-container-name-template: "init-container" - - # container-concurrency specifies the maximum number - # of requests the Container can handle at once, and requests - # above this threshold are queued. Setting a value of zero - # disables this throttling and lets through as many requests as - # the pod receives. - container-concurrency: "0" - - # The container concurrency max limit is an operator setting ensuring that - # the individual revisions cannot have arbitrary large concurrency - # values, or autoscaling targets. `container-concurrency` default setting - # must be at or below this value. - # - # Must be greater than 1. - # - # Note: even with this set, a user can choose a containerConcurrency - # of 0 (i.e. unbounded) unless allow-container-concurrency-zero is - # set to "false". - container-concurrency-max-limit: "1000" - - # allow-container-concurrency-zero controls whether users can - # specify 0 (i.e. unbounded) for containerConcurrency. - allow-container-concurrency-zero: "true" - - # enable-service-links specifies the default value used for the - # enableServiceLinks field of the PodSpec, when it is omitted by the user. - # See: https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#accessing-the-service - # - # This is a tri-state flag with possible values of (true|false|default). - # - # In environments with large number of services it is suggested - # to set this value to `false`. - # See https://github.com/knative/serving/issues/8498. - enable-service-links: "false" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-deployment - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.2" - annotations: - knative.dev/example-checksum: "dd7ee769" -data: - # This is the Go import path for the binary that is containerized - # and substituted here. - queue-sidecar-image: gcr.io/knative-releases/knative.dev/serving/cmd/queue@sha256:5d5d3657f9bb02e66cfa3e9c2b3a4451577fc8d3234684cd16a0642af71d5522 - _example: |- - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # List of repositories for which tag to digest resolving should be skipped - registries-skipping-tag-resolving: "kind.local,ko.local,dev.local" - - # Maximum time allowed for an image's digests to be resolved. - digest-resolution-timeout: "10s" - - # Duration we wait for the deployment to be ready before considering it failed. - progress-deadline: "600s" - - # Sets the queue proxy's CPU request. - # If omitted, a default value (currently "25m"), is used. - queue-sidecar-cpu-request: "25m" - - # Sets the queue proxy's CPU limit. - # If omitted, no value is specified and the system default is used. - queue-sidecar-cpu-limit: "1000m" - - # Sets the queue proxy's memory request. - # If omitted, no value is specified and the system default is used. - queue-sidecar-memory-request: "400Mi" - - # Sets the queue proxy's memory limit. - # If omitted, no value is specified and the system default is used. - queue-sidecar-memory-limit: "800Mi" - - # Sets the queue proxy's ephemeral storage request. - # If omitted, no value is specified and the system default is used. - queue-sidecar-ephemeral-storage-request: "512Mi" - - # Sets the queue proxy's ephemeral storage limit. - # If omitted, no value is specified and the system default is used. - queue-sidecar-ephemeral-storage-limit: "1024Mi" - - # The freezer service endpoint that queue-proxy calls when its traffic drops to zero or - # scales up from zero. - # - # Freezer service is available at: https://github.com/knative-sandbox/container-freezer - # or users may write their own service. - # - # The value will need to include both the host and the port that will be accessed. - # For the host, $HOST_IP can be passed, and the appropriate host IP value will be swapped - # in at runtime, which will enable the freezer daemonset to be reachable via the node IP. - # - # As an example: - # concurrency-state-endpoint: "http://$HOST_IP:9696" - # - # If not set, queue proxy takes no action (this is the default behavior). - # - # When enabled, a serviceAccountToken will be mounted to queue-proxy using - # a projected volume. This requires the Service Account Token Volume Projection feature - # to be enabled. For details, see this link: - # https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection - # - # NOTE THAT THIS IS AN EXPERIMENTAL / ALPHA FEATURE - concurrency-state-endpoint: "" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-domain - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.2" - annotations: - knative.dev/example-checksum: "26c09de5" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Default value for domain. - # Routes having the cluster domain suffix (by default 'svc.cluster.local') - # will not be exposed through Ingress. You can define your own label - # selector to assign that domain suffix to your Route here, or you can set - # the label - # "networking.knative.dev/visibility=cluster-local" - # to achieve the same effect. This shows how to make routes having - # the label app=secret only exposed to the local cluster. - svc.cluster.local: | - selector: - app: secret - - # These are example settings of domain. - # example.com will be used for all routes, but it is the least-specific rule so it - # will only be used if no other domain matches. - example.com: | - - # example.org will be used for routes having app=nonprofit. - example.org: | - selector: - app: nonprofit - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-features - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.2" - annotations: - knative.dev/example-checksum: "691a192e" -data: - _example: |- - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Indicates whether multi container support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#multi-containers - multi-container: "enabled" - - # Indicates whether Kubernetes affinity support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-node-affinity - kubernetes.podspec-affinity: "disabled" - - # Indicates whether Kubernetes topologySpreadConstraints support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-topology-spread-constraints - kubernetes.podspec-topologyspreadconstraints: "disabled" - - # Indicates whether Kubernetes hostAliases support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-host-aliases - kubernetes.podspec-hostaliases: "disabled" - - # Indicates whether Kubernetes nodeSelector support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-node-selector - kubernetes.podspec-nodeselector: "disabled" - - # Indicates whether Kubernetes tolerations support is enabled - # - # WARNING: Cannot safely be disabled once enabled - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-toleration - kubernetes.podspec-tolerations: "disabled" - - # Indicates whether Kubernetes FieldRef support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-fieldref - kubernetes.podspec-fieldref: "disabled" - - # Indicates whether Kubernetes RuntimeClassName support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-runtime-class - kubernetes.podspec-runtimeclassname: "disabled" - - # Indicates whether Kubernetes DNSPolicy support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-dnspolicy - kubernetes.podspec-dnspolicy: "disabled" - - # Indicates whether Kubernetes DNSConfig support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-dnsconfig - kubernetes.podspec-dnsconfig: "disabled" - - # This feature allows end-users to set a subset of fields on the Pod's SecurityContext - # - # When set to "enabled" or "allowed" it allows the following - # PodSecurityContext properties: - # - FSGroup - # - RunAsGroup - # - RunAsNonRoot - # - SupplementalGroups - # - RunAsUser - # - SeccompProfile - # - # This feature flag should be used with caution as the PodSecurityContext - # properties may have a side-effect on non-user sidecar containers that come - # from Knative or your service mesh - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-security-context - kubernetes.podspec-securitycontext: "disabled" - - # Indicates whether Kubernetes PriorityClassName support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-priority-class-name - kubernetes.podspec-priorityclassname: "disabled" - - # Indicates whether Kubernetes SchedulerName support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-scheduler-name - kubernetes.podspec-schedulername: "disabled" - - # This feature flag allows end-users to add a subset of capabilities on the Pod's SecurityContext. - # - # When set to "enabled" or "allowed" it allows capabilities to be added to the container. - # For a list of possible capabilities, see https://man7.org/linux/man-pages/man7/capabilities.7.html - kubernetes.containerspec-addcapabilities: "disabled" - - # This feature validates PodSpecs from the validating webhook - # against the K8s API Server. - # - # When "enabled", the server will always run the extra validation. - # When "allowed", the server will not run the dry-run validation by default. - # However, clients may enable the behavior on an individual Service by - # attaching the following metadata annotation: "features.knative.dev/podspec-dryrun":"enabled". - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-dry-run - kubernetes.podspec-dryrun: "allowed" - - # Controls whether tag header based routing feature are enabled or not. - # 1. Enabled: enabling tag header based routing - # 2. Disabled: disabling tag header based routing - # See: https://knative.dev/docs/serving/feature-flags/#tag-header-based-routing - tag-header-based-routing: "disabled" - - # Controls whether http2 auto-detection should be enabled or not. - # 1. Enabled: http2 connection will be attempted via upgrade. - # 2. Disabled: http2 connection will only be attempted when port name is set to "h2c". - autodetect-http2: "disabled" - - # Controls whether volume support for EmptyDir is enabled or not. - # 1. Enabled: enabling EmptyDir volume support - # 2. Disabled: disabling EmptyDir volume support - kubernetes.podspec-volumes-emptydir: "enabled" - - # Controls whether init containers support is enabled or not. - # 1. Enabled: enabling init containers support - # 2. Disabled: disabling init containers support - kubernetes.podspec-init-containers: "disabled" - - # Controls whether persistent volume claim support is enabled or not. - # 1. Enabled: enabling persistent volume claim support - # 2. Disabled: disabling persistent volume claim support - kubernetes.podspec-persistent-volume-claim: "disabled" - - # Controls whether write access for persistent volumes is enabled or not. - # 1. Enabled: enabling write access for persistent volumes - # 2. Disabled: disabling write access for persistent volumes - kubernetes.podspec-persistent-volume-write: "disabled" - - # Controls if the queue proxy podInfo feature is enabled, allowed or disabled - # - # This feature should be enabled/allowed when using queue proxy Options (Extensions) - # Enabling will mount a podInfo volume to the queue proxy container. - # The volume will contains an 'annotations' file (from the pod's annotation field). - # The annotations in this file include the Service annotations set by the client creating the service. - # If mounted, the annotations can be accessed by queue proxy extensions at /etc/podinfo/annnotations - # - # 1. "enabled": always mount a podInfo volume - # 2. "disabled": never mount a podInfo volume - # 3. "allowed": by default, do not mount a podInfo volume - # However, a client may mount the podInfo volume on an individual Service by attaching - # the following metadata annotation to the Service: "features.knative.dev/queueproxy-podinfo":"enabled". - # - # NOTE THAT THIS IS AN EXPERIMENTAL / ALPHA FEATURE - queueproxy.mount-podinfo: "disabled" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-gc - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.2" - annotations: - knative.dev/example-checksum: "aa3813a8" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # --------------------------------------- - # Garbage Collector Settings - # --------------------------------------- - # - # Active - # * Revisions which are referenced by a Route are considered active. - # * Individual revisions may be marked with the annotation - # "serving.knative.dev/no-gc":"true" to be permanently considered active. - # * Active revisions are not considered for GC. - # Retention - # * Revisions are retained if they are any of the following: - # 1. Active - # 2. Were created within "retain-since-create-time" - # 3. Were last referenced by a route within - # "retain-since-last-active-time" - # 4. There are fewer than "min-non-active-revisions" - # If none of these conditions are met, or if the count of revisions exceed - # "max-non-active-revisions", they will be deleted by GC. - # The special value "disabled" may be used to turn off these limits. - # - # Example config to immediately collect any inactive revision: - # min-non-active-revisions: "0" - # max-non-active-revisions: "0" - # retain-since-create-time: "disabled" - # retain-since-last-active-time: "disabled" - # - # Example config to always keep around the last ten non-active revisions: - # retain-since-create-time: "disabled" - # retain-since-last-active-time: "disabled" - # max-non-active-revisions: "10" - # - # Example config to disable all garbage collection: - # retain-since-create-time: "disabled" - # retain-since-last-active-time: "disabled" - # max-non-active-revisions: "disabled" - # - # Example config to keep recently deployed or active revisions, - # always maintain the last two in case of rollback, and prevent - # burst activity from exploding the count of old revisions: - # retain-since-create-time: "48h" - # retain-since-last-active-time: "15h" - # min-non-active-revisions: "2" - # max-non-active-revisions: "1000" - - # Duration since creation before considering a revision for GC or "disabled". - retain-since-create-time: "48h" - - # Duration since active before considering a revision for GC or "disabled". - retain-since-last-active-time: "15h" - - # Minimum number of non-active revisions to retain. - min-non-active-revisions: "20" - - # Maximum number of non-active revisions to retain - # or "disabled" to disable any maximum limit. - max-non-active-revisions: "1000" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-leader-election - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.2" - annotations: - knative.dev/example-checksum: "f4b71f57" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # lease-duration is how long non-leaders will wait to try to acquire the - # lock; 15 seconds is the value used by core kubernetes controllers. - lease-duration: "60s" - - # renew-deadline is how long a leader will try to renew the lease before - # giving up; 10 seconds is the value used by core kubernetes controllers. - renew-deadline: "40s" - - # retry-period is how long the leader election client waits between tries of - # actions; 2 seconds is the value used by core kubernetes controllers. - retry-period: "10s" - - # buckets is the number of buckets used to partition key space of each - # Reconciler. If this number is M and the replica number of the controller - # is N, the N replicas will compete for the M buckets. The owner of a - # bucket will take care of the reconciling for the keys partitioned into - # that bucket. - buckets: "1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-logging - namespace: knative-serving - labels: - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/component: logging - app.kubernetes.io/name: knative-serving - annotations: - knative.dev/example-checksum: "b0f3c6f2" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Common configuration for all Knative codebase - zap-logger-config: | - { - "level": "info", - "development": false, - "outputPaths": ["stdout"], - "errorOutputPaths": ["stderr"], - "encoding": "json", - "encoderConfig": { - "timeKey": "timestamp", - "levelKey": "severity", - "nameKey": "logger", - "callerKey": "caller", - "messageKey": "message", - "stacktraceKey": "stacktrace", - "lineEnding": "", - "levelEncoder": "", - "timeEncoder": "iso8601", - "durationEncoder": "", - "callerEncoder": "" - } - } - - # Log level overrides - # For all components except the queue proxy, - # changes are picked up immediately. - # For queue proxy, changes require recreation of the pods. - loglevel.controller: "info" - loglevel.autoscaler: "info" - loglevel.queueproxy: "info" - loglevel.webhook: "info" - loglevel.activator: "info" - loglevel.hpaautoscaler: "info" - loglevel.net-certmanager-controller: "info" - loglevel.net-istio-controller: "info" - loglevel.net-contour-controller: "info" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-network - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.2" - annotations: - knative.dev/example-checksum: "73d96d1b" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # ingress-class specifies the default ingress class - # to use when not dictated by Route annotation. - # - # If not specified, will use the Istio ingress. - # - # Note that changing the Ingress class of an existing Route - # will result in undefined behavior. Therefore it is best to only - # update this value during the setup of Knative, to avoid getting - # undefined behavior. - ingress-class: "istio.ingress.networking.knative.dev" - - # certificate-class specifies the default Certificate class - # to use when not dictated by Route annotation. - # - # If not specified, will use the Cert-Manager Certificate. - # - # Note that changing the Certificate class of an existing Route - # will result in undefined behavior. Therefore it is best to only - # update this value during the setup of Knative, to avoid getting - # undefined behavior. - certificate-class: "cert-manager.certificate.networking.knative.dev" - - # namespace-wildcard-cert-selector specifies a LabelSelector which - # determines which namespaces should have a wildcard certificate - # provisioned. - # - # Use an empty value to disable the feature (this is the default): - # namespace-wildcard-cert-selector: "" - # - # Use an empty object to enable for all namespaces - # namespace-wildcard-cert-selector: {} - # - # Useful labels include the "kubernetes.io/metadata.name" label to - # avoid provisioning a certifcate for the "kube-system" namespaces. - # Use the following selector to match pre-1.0 behavior of using - # "networking.knative.dev/disableWildcardCert" to exclude namespaces: - # - # matchExpressions: - # - key: "networking.knative.dev/disableWildcardCert" - # operator: "NotIn" - # values: ["true"] - namespace-wildcard-cert-selector: "" - - # domain-template specifies the golang text template string to use - # when constructing the Knative service's DNS name. The default - # value is "{{.Name}}.{{.Namespace}}.{{.Domain}}". - # - # Valid variables defined in the template include Name, Namespace, Domain, - # Labels, and Annotations. Name will be the result of the tagTemplate - # below, if a tag is specified for the route. - # - # Changing this value might be necessary when the extra levels in - # the domain name generated is problematic for wildcard certificates - # that only support a single level of domain name added to the - # certificate's domain. In those cases you might consider using a value - # of "{{.Name}}-{{.Namespace}}.{{.Domain}}", or removing the Namespace - # entirely from the template. When choosing a new value be thoughtful - # of the potential for conflicts - for example, when users choose to use - # characters such as `-` in their service, or namespace, names. - # {{.Annotations}} or {{.Labels}} can be used for any customization in the - # go template if needed. - # We strongly recommend keeping namespace part of the template to avoid - # domain name clashes: - # eg. '{{.Name}}-{{.Namespace}}.{{ index .Annotations "sub"}}.{{.Domain}}' - # and you have an annotation {"sub":"foo"}, then the generated template - # would be {Name}-{Namespace}.foo.{Domain} - domain-template: "{{.Name}}.{{.Namespace}}.{{.Domain}}" - - # tagTemplate specifies the golang text template string to use - # when constructing the DNS name for "tags" within the traffic blocks - # of Routes and Configuration. This is used in conjunction with the - # domainTemplate above to determine the full URL for the tag. - tag-template: "{{.Tag}}-{{.Name}}" - - # Controls whether TLS certificates are automatically provisioned and - # installed in the Knative ingress to terminate external TLS connection. - # 1. Enabled: enabling auto-TLS feature. - # 2. Disabled: disabling auto-TLS feature. - auto-tls: "Disabled" - - # Controls the behavior of the HTTP endpoint for the Knative ingress. - # It requires autoTLS to be enabled. - # 1. Enabled: The Knative ingress will be able to serve HTTP connection. - # 2. Redirected: The Knative ingress will send a 301 redirect for all - # http connections, asking the clients to use HTTPS. - # - # "Disabled" option is deprecated. - http-protocol: "Enabled" - - # rollout-duration contains the minimal duration in seconds over which the - # Configuration traffic targets are rolled out to the newest revision. - rollout-duration: "0" - - # autocreate-cluster-domain-claims controls whether ClusterDomainClaims should - # be automatically created (and deleted) as needed when DomainMappings are - # reconciled. - # - # If this is "false" (the default), the cluster administrator is - # responsible for creating ClusterDomainClaims and delegating them to - # namespaces via their spec.Namespace field. This setting should be used in - # multitenant environments which need to control which namespace can use a - # particular domain name in a domain mapping. - # - # If this is "true", users are able to associate arbitrary names with their - # services via the DomainMapping feature. - autocreate-cluster-domain-claims: "false" - - # If true, networking plugins can add additional information to deployed - # applications to make their pods directly accessible via their IPs even if mesh is - # enabled and thus direct-addressability is usually not possible. - # Consumers like Knative Serving can use this setting to adjust their behavior - # accordingly, i.e. to drop fallback solutions for non-pod-addressable systems. - # - # NOTE: This flag is in an alpha state and is mostly here to enable internal testing - # for now. Use with caution. - enable-mesh-pod-addressability: "false" - - # mesh-compatibility-mode indicates whether consumers of network plugins - # should directly contact Pod IPs (most efficient), or should use the - # Cluster IP (less efficient, needed when mesh is enabled unless - # `enable-mesh-pod-addressability`, above, is set). - # Permitted values are: - # - "auto" (default): automatically determine which mesh mode to use by trying Pod IP and falling back to Cluster IP as needed. - # - "enabled": always use Cluster IP and do not attempt to use Pod IPs. - # - "disabled": always use Pod IPs and do not fall back to Cluster IP on failure. - mesh-compatibility-mode: "auto" - - # Defines the scheme used for external URLs if autoTLS is not enabled. - # This can be used for making Knative report all URLs as "HTTPS" for example, if you're - # fronting Knative with an external loadbalancer that deals with TLS termination and - # Knative doesn't know about that otherwise. - default-external-scheme: "http" - - # internal-encryption indicates whether internal traffic is encrypted or not. - # If this is "true", the following traffic are encrypted: - # - ingress to activator - # - ingress to queue-proxy - # - activator to queue-proxy - # - # NOTE: This flag is in an alpha state and is mostly here to enable internal testing - # for now. Use with caution. - internal-encryption: "false" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: observability - app.kubernetes.io/version: "1.8.2" - annotations: - knative.dev/example-checksum: "fed4756e" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # logging.enable-var-log-collection defaults to false. - # The fluentd daemon set will be set up to collect /var/log if - # this flag is true. - logging.enable-var-log-collection: "false" - - # logging.revision-url-template provides a template to use for producing the - # logging URL that is injected into the status of each Revision. - logging.revision-url-template: "http://logging.example.com/?revisionUID=${REVISION_UID}" - - # If non-empty, this enables queue proxy writing user request logs to stdout, excluding probe - # requests. - # NB: after 0.18 release logging.enable-request-log must be explicitly set to true - # in order for request logging to be enabled. - # - # The value determines the shape of the request logs and it must be a valid go text/template. - # It is important to keep this as a single line. Multiple lines are parsed as separate entities - # by most collection agents and will split the request logs into multiple records. - # - # The following fields and functions are available to the template: - # - # Request: An http.Request (see https://golang.org/pkg/net/http/#Request) - # representing an HTTP request received by the server. - # - # Response: - # struct { - # Code int // HTTP status code (see https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml) - # Size int // An int representing the size of the response. - # Latency float64 // A float64 representing the latency of the response in seconds. - # } - # - # Revision: - # struct { - # Name string // Knative revision name - # Namespace string // Knative revision namespace - # Service string // Knative service name - # Configuration string // Knative configuration name - # PodName string // Name of the pod hosting the revision - # PodIP string // IP of the pod hosting the revision - # } - # - logging.request-log-template: '{"httpRequest": {"requestMethod": "{{.Request.Method}}", "requestUrl": "{{js .Request.RequestURI}}", "requestSize": "{{.Request.ContentLength}}", "status": {{.Response.Code}}, "responseSize": "{{.Response.Size}}", "userAgent": "{{js .Request.UserAgent}}", "remoteIp": "{{js .Request.RemoteAddr}}", "serverIp": "{{.Revision.PodIP}}", "referer": "{{js .Request.Referer}}", "latency": "{{.Response.Latency}}s", "protocol": "{{.Request.Proto}}"}, "traceId": "{{index .Request.Header "X-B3-Traceid"}}"}' - - # If true, the request logging will be enabled. - # NB: up to and including Knative version 0.18 if logging.request-log-template is non-empty, this value - # will be ignored. - logging.enable-request-log: "false" - - # If true, this enables queue proxy writing request logs for probe requests to stdout. - # It uses the same template for user requests, i.e. logging.request-log-template. - logging.enable-probe-request-log: "false" - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or opencensus. - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. It enables queue proxy to send request metrics. - # Currently supported values: prometheus (the default), opencensus. - metrics.request-metrics-backend-destination: prometheus - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Serving pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: tracing - app.kubernetes.io/version: "1.8.2" - annotations: - knative.dev/example-checksum: "26614636" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none" (default) - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: activator - namespace: knative-serving - labels: - app.kubernetes.io/component: activator - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" -spec: - minReplicas: 1 - maxReplicas: 20 - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: activator - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - # Percentage of the requested CPU - averageUtilization: 100 ---- -# Activator PDB. Currently we permit unavailability of 20% of tasks at the same time. -# Given the subsetting and that the activators are partially stateful systems, we want -# a slow rollout of the new versions and slow migration during node upgrades. -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: activator-pdb - namespace: knative-serving - labels: - app.kubernetes.io/component: activator - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" -spec: - minAvailable: 80% - selector: - matchLabels: - app: activator - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: activator - namespace: knative-serving - labels: - app.kubernetes.io/component: activator - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-serving -spec: - selector: - matchLabels: - app: activator - role: activator - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: activator - role: activator - app.kubernetes.io/component: activator - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" - spec: - serviceAccountName: controller - containers: - - name: activator - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/activator@sha256:9cb7c468f0975079c7b86d1b2b6b61dd9b5e64d38cd92ccb5239348ce5bd9dee - # The numbers are based on performance test results from - # https://github.com/knative/serving/issues/1625#issuecomment-511930023 - resources: - requests: - cpu: 300m - memory: 60Mi - limits: - cpu: 1000m - memory: 600Mi - env: - # Run Activator with GC collection when newly generated memory is 500%. - - name: GOGC - value: "500" - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/internal/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: http1 - containerPort: 8012 - - name: h2c - containerPort: 8013 - readinessProbe: - httpGet: - port: 8012 - httpHeaders: - - name: k-kubelet-probe - value: "activator" - periodSeconds: 5 - failureThreshold: 5 - livenessProbe: - httpGet: - port: 8012 - httpHeaders: - - name: k-kubelet-probe - value: "activator" - periodSeconds: 10 - failureThreshold: 12 - initialDelaySeconds: 15 - # The activator (often) sits on the dataplane, and may proxy long (e.g. - # streaming, websockets) requests. We give a long grace period for the - # activator to "lame duck" and drain outstanding requests before we - # forcibly terminate the pod (and outstanding connections). This value - # should be at least as large as the upper bound on the Revision's - # timeoutSeconds property to avoid servicing events disrupting - # connections. - terminationGracePeriodSeconds: 600 ---- -apiVersion: v1 -kind: Service -metadata: - name: activator-service - namespace: knative-serving - labels: - app: activator - app.kubernetes.io/component: activator - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-serving -spec: - selector: - app: activator - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: http - port: 80 - targetPort: 8012 - - name: http2 - port: 81 - targetPort: 8013 - - name: https - port: 443 - targetPort: 8112 - type: ClusterIP - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: autoscaler - namespace: knative-serving - labels: - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" -spec: - replicas: 1 - selector: - matchLabels: - app: autoscaler - strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 0 - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: autoscaler - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: autoscaler - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: autoscaler - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/autoscaler@sha256:210839a401050ada56679b3c769edad987ed2f8872cabad511d96450b5d93299 - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 1000m - memory: 1000Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: websocket - containerPort: 8080 - readinessProbe: - httpGet: - port: 8080 - httpHeaders: - - name: k-kubelet-probe - value: "autoscaler" - livenessProbe: - httpGet: - port: 8080 - httpHeaders: - - name: k-kubelet-probe - value: "autoscaler" - failureThreshold: 6 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: autoscaler - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" - name: autoscaler - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: http - port: 8080 - targetPort: 8080 - selector: - app: autoscaler - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: controller - namespace: knative-serving - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" -spec: - selector: - matchLabels: - app: controller - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - labels: - app: controller - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: controller - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/controller@sha256:830f5a8a7a56f6715cea1624b694047be32e178c31cc8bcefa058932f2e1365a - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 1000m - memory: 1000Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/internal/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: controller - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" - name: controller - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - selector: - app: controller - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: domain-mapping - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" -spec: - selector: - matchLabels: - app: domain-mapping - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - labels: - app: domain-mapping - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: domain-mapping - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: domain-mapping - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/domain-mapping@sha256:c927bc09e8b176a04614042898af285bbeb84838c782459b9fd35dc87b0cd1e9 - resources: - requests: - cpu: 30m - memory: 40Mi - limits: - cpu: 300m - memory: 400Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: domainmapping-webhook - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" -spec: - selector: - matchLabels: - app: domainmapping-webhook - role: domainmapping-webhook - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: domainmapping-webhook - role: domainmapping-webhook - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: domainmapping-webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: domainmapping-webhook - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/domain-mapping-webhook@sha256:6703fa4e253c8288c9a182be8e199fdced7cc6c6bcf059963281985a31e39e24 - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 500m - memory: 500Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: WEBHOOK_PORT - value: "8443" - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - failureThreshold: 6 - initialDelaySeconds: 20 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - role: domainmapping-webhook - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" - name: domainmapping-webhook - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: domainmapping-webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: webhook - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" -spec: - minReplicas: 1 - maxReplicas: 5 - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: webhook - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - # Percentage of the requested CPU - averageUtilization: 100 ---- -# Webhook PDB. -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: webhook-pdb - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" -spec: - minAvailable: 80% - selector: - matchLabels: - app: webhook - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: webhook - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-serving -spec: - selector: - matchLabels: - app: webhook - role: webhook - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: webhook - role: webhook - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-serving - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: webhook - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/webhook@sha256:c410a63ea407552ab15e2f05da67b85d170557aade9d335ef734e8709890b7d8 - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 500m - memory: 500Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: WEBHOOK_NAME - value: webhook - - name: WEBHOOK_PORT - value: "8443" - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/internal/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - failureThreshold: 6 - initialDelaySeconds: 20 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - role: webhook - app.kubernetes.io/component: webhook - app.kubernetes.io/version: "1.8.2" - app.kubernetes.io/name: knative-serving - name: webhook - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: config.webhook.serving.knative.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: config.webhook.serving.knative.dev - objectSelector: - matchExpressions: - - key: app.kubernetes.io/name - operator: In - values: ["knative-serving"] - - key: app.kubernetes.io/component - operator: In - values: ["autoscaler", "controller", "logging", "networking", "observability", "tracing"] - timeoutSeconds: 10 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.serving.knative.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: webhook.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - autoscaling.internal.knative.dev - - networking.internal.knative.dev - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - scope: "*" - resources: - - metrics - - podautoscalers - - certificates - - ingresses - - serverlessservices - - configurations - - revisions - - routes - - services - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.domainmapping.serving.knative.dev - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: domainmapping-webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: webhook.domainmapping.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - scope: "*" - resources: - - domainmappings - - domainmappings/status - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: domainmapping-webhook-certs - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" -# The data is populated at install time. - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.domainmapping.serving.knative.dev - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: domainmapping-webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: validation.webhook.domainmapping.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - - DELETE - scope: "*" - resources: - - domainmappings - - domainmappings/status - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.serving.knative.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: validation.webhook.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - autoscaling.internal.knative.dev - - networking.internal.knative.dev - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - - DELETE - scope: "*" - resources: - - metrics - - podautoscalers - - certificates - - ingresses - - serverlessservices - - configurations - - revisions - - routes - - services - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: webhook-certs - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" -# The data is populated at install time. - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.2/3-serving-hpa.yaml b/cmd/operator/kodata/knative-serving/1.8.2/3-serving-hpa.yaml deleted file mode 100644 index e7cae58044..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.2/3-serving-hpa.yaml +++ /dev/null @@ -1,112 +0,0 @@ -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: autoscaler-hpa - namespace: knative-serving - labels: - autoscaling.knative.dev/autoscaler-provider: hpa - app.kubernetes.io/component: autoscaler-hpa - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" -spec: - selector: - matchLabels: - app: autoscaler-hpa - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - labels: - app: autoscaler-hpa - app.kubernetes.io/component: autoscaler-hpa - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: autoscaler-hpa - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: autoscaler-hpa - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/autoscaler-hpa@sha256:09f5bd6292ef2609562a7dcd104dd3573f2c49923a9303b1bfa28199c0e569b0 - resources: - requests: - cpu: 30m - memory: 40Mi - limits: - cpu: 300m - memory: 400Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: autoscaler-hpa - autoscaling.knative.dev/autoscaler-provider: hpa - app.kubernetes.io/component: autoscaler-hpa - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.2" - name: autoscaler-hpa - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - selector: - app: autoscaler-hpa - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.3/1-serving-crds.yaml b/cmd/operator/kodata/knative-serving/1.8.3/1-serving-crds.yaml deleted file mode 100644 index efc7880c7e..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.3/1-serving-crds.yaml +++ /dev/null @@ -1,4032 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: certificates.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Certificate is responsible for provisioning a SSL certificate for the given hosts. It is a Knative abstraction for various SSL certificate provisioning solutions (such as cert-manager or self-signed SSL certificate). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - dnsNames - - secretName - properties: - dnsNames: - description: DNSNames is a list of DNS names the Certificate could support. The wildcard format of DNSNames (e.g. *.default.example.com) is supported. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret resource to store the SSL certificate in. - type: string - status: - description: 'Status is the current state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - http01Challenges: - description: HTTP01Challenges is a list of HTTP01 challenges that need to be fulfilled in order to get the TLS certificate.. - type: array - items: - description: HTTP01Challenge defines the status of a HTTP01 challenge that a certificate needs to fulfill. - type: object - properties: - serviceName: - description: ServiceName is the name of the service to serve HTTP01 challenge requests. - type: string - serviceNamespace: - description: ServiceNamespace is the namespace of the service to serve HTTP01 challenge requests. - type: string - servicePort: - description: ServicePort is the port of the service to serve HTTP01 challenge requests. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - url: - description: URL is the URL that the HTTP01 challenge is expected to serve on. - type: string - notAfter: - description: The expiration time of the TLS certificate stored in the secret named by this resource in spec.secretName. - type: string - format: date-time - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Certificate - plural: certificates - singular: certificate - categories: - - knative-internal - - networking - shortNames: - - kcert - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: configurations.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Configuration - plural: configurations - singular: configuration - categories: - - all - - knative - - serving - shortNames: - - config - - cfg - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Configuration represents the "floating HEAD" of a linear history of Revisions. Users create new Revisions by updating the Configuration''s spec. The "latest created" revision''s name is available under status, as is the "latest ready" revision''s name. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#configuration' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ConfigurationSpec holds the desired state of the Configuration (from the client). - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: ConfigurationStatus communicates the observed state of the Configuration (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusterdomainclaims.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: ClusterDomainClaim is a cluster-wide reservation for a particular domain name. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ClusterDomainClaim. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - namespace - properties: - namespace: - description: Namespace is the namespace which is allowed to create a DomainMapping using this ClusterDomainClaim's name. - type: string - names: - kind: ClusterDomainClaim - plural: clusterdomainclaims - singular: clusterdomainclaim - categories: - - knative-internal - - networking - shortNames: - - cdc - scope: Cluster - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: domainmappings.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - versions: - - name: v1beta1 - served: true - storage: false - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - "schema": - "openAPIV3Schema": - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: DomainMapping - plural: domainmappings - singular: domainmapping - categories: - - all - - knative - - serving - shortNames: - - dm - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: ingresses.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable URLs, load balance traffic, offer name based virtual hosting, etc. \n This is heavily based on K8s Ingress https://godoc.org/k8s.io/api/networking/v1beta1#Ingress which some highlighted modifications." - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - httpOption: - description: 'HTTPOption is the option of HTTP. It has the following two values: `HTTPOptionEnabled`, `HTTPOptionRedirected`' - type: string - rules: - description: A list of host rules used to configure the Ingress. - type: array - items: - description: IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue. - type: object - properties: - hosts: - description: 'Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the "host" part of the URI as defined in the RFC: 1. IPs are not allowed. Currently a rule value can only apply to the IP in the Spec of the parent . 2. The `:` delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue. If multiple matching Hosts were provided, the first rule will take precedent.' - type: array - items: - type: string - http: - description: HTTP represents a rule to apply against incoming requests. If the rule is satisfied, the request is routed to the specified backend. - type: object - required: - - paths - properties: - paths: - description: "A collection of paths that map requests to backends. \n If they are multiple matching paths, the first match takes precedence." - type: array - items: - description: HTTPIngressPath associates a path regex with a backend. Incoming URLs matching the path are forwarded to the backend. - type: object - required: - - splits - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - headers: - description: Headers defines header matching rules which is a map from a header name to HeaderMatch which specify a matching condition. When a request matched with all the header matching rules, the request is routed by the corresponding ingress rule. If it is empty, the headers are not used for matching - type: object - additionalProperties: - description: HeaderMatch represents a matching value of Headers in HTTPIngressPath. Currently, only the exact matching is supported. - type: object - required: - - exact - properties: - exact: - type: string - path: - description: Path represents a literal prefix to which this rule should apply. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a '/'. If unspecified, the path defaults to a catch all sending traffic to the backend. - type: string - rewriteHost: - description: "RewriteHost rewrites the incoming request's host header. \n This field is currently experimental and not supported by all Ingress implementations." - type: string - splits: - description: Splits defines the referenced service endpoints to which the traffic will be forwarded to. - type: array - items: - description: IngressBackendSplit describes all endpoints for a given service and port. - type: object - required: - - serviceName - - serviceNamespace - - servicePort - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - percent: - description: "Specifies the split percentage, a number between 0 and 100. If only one split is specified, we default to 100. \n NOTE: This differs from K8s Ingress to allow percentage split." - type: integer - serviceName: - description: Specifies the name of the referenced service. - type: string - serviceNamespace: - description: "Specifies the namespace of the referenced service. \n NOTE: This differs from K8s Ingress to allow routing to different namespaces." - type: string - servicePort: - description: Specifies the port of the referenced service. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - visibility: - description: Visibility signifies whether this rule should `ClusterLocal`. If it's not specified then it defaults to `ExternalIP`. - type: string - tls: - description: 'TLS configuration. Currently Ingress only supports a single TLS port: 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.' - type: array - items: - description: IngressTLS describes the transport layer security associated with an Ingress. - type: object - properties: - hosts: - description: Hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret used to terminate SSL traffic. - type: string - secretNamespace: - description: SecretNamespace is the namespace of the secret used to terminate SSL traffic. If not set the namespace should be assumed to be the same as the Ingress. If set the secret should have the same namespace as the Ingress otherwise the behaviour is undefined and not supported. - type: string - status: - description: 'Status is the current state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateLoadBalancer: - description: PrivateLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - publicLoadBalancer: - description: PublicLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: Ingress - plural: ingresses - singular: ingress - categories: - - knative-internal - - networking - shortNames: - - kingress - - king - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: metrics.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: Metric - plural: metrics - singular: metric - categories: - - knative-internal - - autoscaling - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: Metric represents a resource to configure the metric collector with. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Metric (from the client). - type: object - required: - - panicWindow - - scrapeTarget - - stableWindow - properties: - panicWindow: - description: PanicWindow is the aggregation window for metrics where quick reactions are needed. - type: integer - format: int64 - scrapeTarget: - description: ScrapeTarget is the K8s service that publishes the metric endpoint. - type: string - stableWindow: - description: StableWindow is the aggregation window for metrics in a stable state. - type: integer - format: int64 - status: - description: Status communicates the observed state of the Metric (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: podautoscalers.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: PodAutoscaler - plural: podautoscalers - singular: podautoscaler - categories: - - knative-internal - - autoscaling - shortNames: - - kpa - - pa - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: DesiredScale - type: integer - jsonPath: ".status.desiredScale" - - name: ActualScale - type: integer - jsonPath: ".status.actualScale" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'PodAutoscaler is a Knative abstraction that encapsulates the interface by which Knative components instantiate autoscalers. This definition is an abstraction that may be backed by multiple definitions. For more information, see the Knative Pluggability presentation: https://docs.google.com/presentation/d/19vW9HFZ6Puxt31biNZF3uLRejDmu82rxJIk1cWmxF7w/edit' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the PodAutoscaler (from the client). - type: object - required: - - protocolType - - scaleTargetRef - properties: - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means unlimited concurrency. - type: integer - format: int64 - protocolType: - description: The application-layer protocol. Matches `ProtocolType` inferred from the revision spec. - type: string - reachability: - description: Reachability specifies whether or not the `ScaleTargetRef` can be reached (ie. has a route). Defaults to `ReachabilityUnknown` - type: string - scaleTargetRef: - description: ScaleTargetRef defines the /scale-able resource that this PodAutoscaler is responsible for quickly right-sizing. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-map-type: atomic - status: - description: Status communicates the observed state of the PodAutoscaler (from the controller). - type: object - required: - - metricsServiceName - - serviceName - properties: - actualScale: - description: ActualScale shows the actual number of replicas for the revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - desiredScale: - description: DesiredScale shows the current desired number of replicas for the revision. - type: integer - format: int32 - metricsServiceName: - description: MetricsServiceName is the K8s Service name that provides revision metrics. The service is managed by the PA object. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - serviceName: - description: ServiceName is the K8s Service name that serves the revision, scaled by this PA. The service is created and owned by the ServerlessService object owned by this PA. - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: revisions.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - names: - kind: Revision - plural: revisions - singular: revision - categories: - - all - - knative - - serving - shortNames: - - rev - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Config Name - type: string - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configuration']" - - name: K8s Service Name - type: string - jsonPath: ".status.serviceName" - - name: Generation - type: string # int in string form :( - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configurationGeneration']" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - name: Actual Replicas - type: integer - jsonPath: ".status.actualReplicas" - - name: Desired Replicas - type: integer - jsonPath: ".status.desiredReplicas" - schema: - openAPIV3Schema: - description: "Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#revision" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: RevisionStatus communicates the observed state of the Revision (from the controller). - type: object - properties: - actualReplicas: - description: ActualReplicas reflects the amount of ready pods running this revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - containerStatuses: - description: 'ContainerStatuses is a slice of images present in .Spec.Container[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - desiredReplicas: - description: DesiredReplicas reflects the desired amount of pods running this revision. - type: integer - format: int32 - initContainerStatuses: - description: 'InitContainerStatuses is a slice of images present in .Spec.InitContainer[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - logUrl: - description: LogURL specifies the generated logging url for this particular revision based on the revision url template specified in the controller's config. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: routes.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" -spec: - group: serving.knative.dev - names: - kind: Route - plural: routes - singular: route - categories: - - all - - knative - - serving - shortNames: - - rt - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready revision" changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#route' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Route (from the client). - type: object - properties: - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: Status communicates the observed state of the Route (from the controller). - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: serverlessservices.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ServerlessService is a proxy for the K8s service objects containing the endpoints for the revision, whether those are endpoints of the activator or revision pods. See: https://knative.page.link/naxz for details.' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - objectRef - - protocolType - properties: - mode: - description: Mode describes the mode of operation of the ServerlessService. - type: string - numActivators: - description: NumActivators contains number of Activators that this revision should be assigned. O means — assign all. - type: integer - format: int32 - objectRef: - description: ObjectRef defines the resource that this ServerlessService is responsible for making "serverless". - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - x-kubernetes-map-type: atomic - protocolType: - description: The application-layer protocol. Matches `RevisionProtocolType` set on the owning pa/revision. serving imports networking, so just use string. - type: string - status: - description: 'Status is the current state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateServiceName: - description: PrivateServiceName holds the name of a core K8s Service resource that load balances over the user service pods backing this Revision. - type: string - serviceName: - description: ServiceName holds the name of a core K8s Service resource that load balances over the pods backing this Revision (activator or revision). - type: string - additionalPrinterColumns: - - name: Mode - type: string - jsonPath: ".spec.mode" - - name: Activators - type: integer - jsonPath: ".spec.numActivators" - - name: ServiceName - type: string - jsonPath: ".status.serviceName" - - name: PrivateServiceName - type: string - jsonPath: ".status.privateServiceName" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: ServerlessService - plural: serverlessservices - singular: serverlessservice - categories: - - knative-internal - - networking - shortNames: - - sks - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: services.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Service - plural: services - singular: service - categories: - - all - - knative - - serving - shortNames: - - kservice - - ksvc - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: "Service acts as a top-level container that manages a Route and Configuration which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets), and its usage is optional but recommended. \n The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceSpec represents the configuration for the Service object. A Service's specification is the union of the specifications for a Route and Configuration. The Service restricts what can be expressed in these fields, e.g. the Route must reference the provided Configuration; however, these limitations also enable friendlier defaulting, e.g. Route never needs a Configuration name, and may be defaulted to the appropriate "run latest" spec. - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: ServiceStatus represents the Status stanza of the Service resource. - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: images.caching.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" -spec: - group: caching.internal.knative.dev - names: - kind: Image - plural: images - singular: image - categories: - - knative-internal - - caching - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Image is a Knative abstraction that encapsulates the interface by which Knative components express a desire to have a particular image cached. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Image (from the client). - type: object - required: - - image - properties: - image: - description: Image is the name of the container image url to cache across the cluster. - type: string - imagePullSecrets: - description: ImagePullSecrets contains the names of the Kubernetes Secrets containing login information used by the Pods which will run this container. - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount as which the Pods will run this container. This is potentially used to authenticate the image pull if the service account has attached pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' - type: string - status: - description: Status communicates the observed state of the Image (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Image - type: string - jsonPath: .spec.image - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.3/2-serving-core.yaml b/cmd/operator/kodata/knative-serving/1.8.3/2-serving-core.yaml deleted file mode 100644 index 8661471619..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.3/2-serving-core.yaml +++ /dev/null @@ -1,6917 +0,0 @@ -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Namespace -metadata: - name: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "Addressables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - # Named like this to avoid clashing with eventing's existing `addressable-resolver` role - # (which should be identical, but isn't guaranteed to be installed alongside serving). - name: knative-serving-aggregated-addressable-resolver - labels: - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-serving -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/addressable: "true" ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-addressable-resolver - labels: - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-serving - # Labeled to facilitate aggregated cluster roles that act on Addressables. - duck.knative.dev/addressable: "true" -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - serving.knative.dev - resources: - - routes - - routes/status - - services - - services/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-namespaced-admin - labels: - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: ["serving.knative.dev"] - resources: ["*"] - verbs: ["*"] - - apiGroups: ["networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-namespaced-edit - labels: - rbac.authorization.k8s.io/aggregate-to-edit: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: ["serving.knative.dev"] - resources: ["*"] - verbs: ["create", "update", "patch", "delete"] - - apiGroups: ["networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-namespaced-view - labels: - rbac.authorization.k8s.io/aggregate-to-view: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: ["serving.knative.dev", "networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-core - labels: - serving.knative.dev/controller: "true" - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: [""] - resources: ["pods", "namespaces", "secrets", "configmaps", "endpoints", "services", "events", "serviceaccounts"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: [""] - resources: ["endpoints/restricted"] # Permission for RestrictedEndpointsAdmission - verbs: ["create"] - - apiGroups: [""] - resources: ["namespaces/finalizers"] # finalizers are needed for the owner reference of the webhook - verbs: ["update"] - - apiGroups: ["apps"] - resources: ["deployments", "deployments/finalizers"] # finalizers are needed for the owner reference of the webhook - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["admissionregistration.k8s.io"] - resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions", "customresourcedefinitions/status"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["autoscaling"] - resources: ["horizontalpodautoscalers"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["serving.knative.dev", "autoscaling.internal.knative.dev", "networking.internal.knative.dev"] - resources: ["*", "*/status", "*/finalizers"] - verbs: ["get", "list", "create", "update", "delete", "deletecollection", "patch", "watch"] - - apiGroups: ["caching.internal.knative.dev"] - resources: ["images"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-podspecable-binding - labels: - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-serving - # Labeled to facilitate aggregated cluster roles that act on PodSpecables. - duck.knative.dev/podspecable: "true" -# Do not use this role directly. These rules will be added to the "podspecable-binder" role. -rules: - - apiGroups: - - serving.knative.dev - resources: - - configurations - - services - verbs: - - list - - watch - - patch - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: controller - namespace: knative-serving - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-admin - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" -aggregationRule: - clusterRoleSelectors: - - matchLabels: - serving.knative.dev/controller: "true" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-serving-controller-admin - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" -subjects: - - kind: ServiceAccount - name: controller - namespace: knative-serving -roleRef: - kind: ClusterRole - name: knative-serving-admin - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-serving-controller-addressable-resolver - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" -subjects: - - kind: ServiceAccount - name: controller - namespace: knative-serving -roleRef: - kind: ClusterRole - name: knative-serving-aggregated-addressable-resolver - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: images.caching.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" -spec: - group: caching.internal.knative.dev - names: - kind: Image - plural: images - singular: image - categories: - - knative-internal - - caching - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Image is a Knative abstraction that encapsulates the interface by which Knative components express a desire to have a particular image cached. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Image (from the client). - type: object - required: - - image - properties: - image: - description: Image is the name of the container image url to cache across the cluster. - type: string - imagePullSecrets: - description: ImagePullSecrets contains the names of the Kubernetes Secrets containing login information used by the Pods which will run this container. - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount as which the Pods will run this container. This is potentially used to authenticate the image pull if the service account has attached pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' - type: string - status: - description: Status communicates the observed state of the Image (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Image - type: string - jsonPath: .spec.image - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: certificates.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Certificate is responsible for provisioning a SSL certificate for the given hosts. It is a Knative abstraction for various SSL certificate provisioning solutions (such as cert-manager or self-signed SSL certificate). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - dnsNames - - secretName - properties: - dnsNames: - description: DNSNames is a list of DNS names the Certificate could support. The wildcard format of DNSNames (e.g. *.default.example.com) is supported. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret resource to store the SSL certificate in. - type: string - status: - description: 'Status is the current state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - http01Challenges: - description: HTTP01Challenges is a list of HTTP01 challenges that need to be fulfilled in order to get the TLS certificate.. - type: array - items: - description: HTTP01Challenge defines the status of a HTTP01 challenge that a certificate needs to fulfill. - type: object - properties: - serviceName: - description: ServiceName is the name of the service to serve HTTP01 challenge requests. - type: string - serviceNamespace: - description: ServiceNamespace is the namespace of the service to serve HTTP01 challenge requests. - type: string - servicePort: - description: ServicePort is the port of the service to serve HTTP01 challenge requests. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - url: - description: URL is the URL that the HTTP01 challenge is expected to serve on. - type: string - notAfter: - description: The expiration time of the TLS certificate stored in the secret named by this resource in spec.secretName. - type: string - format: date-time - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Certificate - plural: certificates - singular: certificate - categories: - - knative-internal - - networking - shortNames: - - kcert - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: configurations.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Configuration - plural: configurations - singular: configuration - categories: - - all - - knative - - serving - shortNames: - - config - - cfg - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Configuration represents the "floating HEAD" of a linear history of Revisions. Users create new Revisions by updating the Configuration''s spec. The "latest created" revision''s name is available under status, as is the "latest ready" revision''s name. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#configuration' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ConfigurationSpec holds the desired state of the Configuration (from the client). - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: ConfigurationStatus communicates the observed state of the Configuration (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusterdomainclaims.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: ClusterDomainClaim is a cluster-wide reservation for a particular domain name. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ClusterDomainClaim. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - namespace - properties: - namespace: - description: Namespace is the namespace which is allowed to create a DomainMapping using this ClusterDomainClaim's name. - type: string - names: - kind: ClusterDomainClaim - plural: clusterdomainclaims - singular: clusterdomainclaim - categories: - - knative-internal - - networking - shortNames: - - cdc - scope: Cluster - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: domainmappings.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - versions: - - name: v1beta1 - served: true - storage: false - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - "schema": - "openAPIV3Schema": - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: DomainMapping - plural: domainmappings - singular: domainmapping - categories: - - all - - knative - - serving - shortNames: - - dm - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: ingresses.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable URLs, load balance traffic, offer name based virtual hosting, etc. \n This is heavily based on K8s Ingress https://godoc.org/k8s.io/api/networking/v1beta1#Ingress which some highlighted modifications." - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - httpOption: - description: 'HTTPOption is the option of HTTP. It has the following two values: `HTTPOptionEnabled`, `HTTPOptionRedirected`' - type: string - rules: - description: A list of host rules used to configure the Ingress. - type: array - items: - description: IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue. - type: object - properties: - hosts: - description: 'Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the "host" part of the URI as defined in the RFC: 1. IPs are not allowed. Currently a rule value can only apply to the IP in the Spec of the parent . 2. The `:` delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue. If multiple matching Hosts were provided, the first rule will take precedent.' - type: array - items: - type: string - http: - description: HTTP represents a rule to apply against incoming requests. If the rule is satisfied, the request is routed to the specified backend. - type: object - required: - - paths - properties: - paths: - description: "A collection of paths that map requests to backends. \n If they are multiple matching paths, the first match takes precedence." - type: array - items: - description: HTTPIngressPath associates a path regex with a backend. Incoming URLs matching the path are forwarded to the backend. - type: object - required: - - splits - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - headers: - description: Headers defines header matching rules which is a map from a header name to HeaderMatch which specify a matching condition. When a request matched with all the header matching rules, the request is routed by the corresponding ingress rule. If it is empty, the headers are not used for matching - type: object - additionalProperties: - description: HeaderMatch represents a matching value of Headers in HTTPIngressPath. Currently, only the exact matching is supported. - type: object - required: - - exact - properties: - exact: - type: string - path: - description: Path represents a literal prefix to which this rule should apply. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a '/'. If unspecified, the path defaults to a catch all sending traffic to the backend. - type: string - rewriteHost: - description: "RewriteHost rewrites the incoming request's host header. \n This field is currently experimental and not supported by all Ingress implementations." - type: string - splits: - description: Splits defines the referenced service endpoints to which the traffic will be forwarded to. - type: array - items: - description: IngressBackendSplit describes all endpoints for a given service and port. - type: object - required: - - serviceName - - serviceNamespace - - servicePort - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - percent: - description: "Specifies the split percentage, a number between 0 and 100. If only one split is specified, we default to 100. \n NOTE: This differs from K8s Ingress to allow percentage split." - type: integer - serviceName: - description: Specifies the name of the referenced service. - type: string - serviceNamespace: - description: "Specifies the namespace of the referenced service. \n NOTE: This differs from K8s Ingress to allow routing to different namespaces." - type: string - servicePort: - description: Specifies the port of the referenced service. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - visibility: - description: Visibility signifies whether this rule should `ClusterLocal`. If it's not specified then it defaults to `ExternalIP`. - type: string - tls: - description: 'TLS configuration. Currently Ingress only supports a single TLS port: 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.' - type: array - items: - description: IngressTLS describes the transport layer security associated with an Ingress. - type: object - properties: - hosts: - description: Hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret used to terminate SSL traffic. - type: string - secretNamespace: - description: SecretNamespace is the namespace of the secret used to terminate SSL traffic. If not set the namespace should be assumed to be the same as the Ingress. If set the secret should have the same namespace as the Ingress otherwise the behaviour is undefined and not supported. - type: string - status: - description: 'Status is the current state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateLoadBalancer: - description: PrivateLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - publicLoadBalancer: - description: PublicLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: Ingress - plural: ingresses - singular: ingress - categories: - - knative-internal - - networking - shortNames: - - kingress - - king - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: metrics.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: Metric - plural: metrics - singular: metric - categories: - - knative-internal - - autoscaling - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: Metric represents a resource to configure the metric collector with. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Metric (from the client). - type: object - required: - - panicWindow - - scrapeTarget - - stableWindow - properties: - panicWindow: - description: PanicWindow is the aggregation window for metrics where quick reactions are needed. - type: integer - format: int64 - scrapeTarget: - description: ScrapeTarget is the K8s service that publishes the metric endpoint. - type: string - stableWindow: - description: StableWindow is the aggregation window for metrics in a stable state. - type: integer - format: int64 - status: - description: Status communicates the observed state of the Metric (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: podautoscalers.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: PodAutoscaler - plural: podautoscalers - singular: podautoscaler - categories: - - knative-internal - - autoscaling - shortNames: - - kpa - - pa - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: DesiredScale - type: integer - jsonPath: ".status.desiredScale" - - name: ActualScale - type: integer - jsonPath: ".status.actualScale" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'PodAutoscaler is a Knative abstraction that encapsulates the interface by which Knative components instantiate autoscalers. This definition is an abstraction that may be backed by multiple definitions. For more information, see the Knative Pluggability presentation: https://docs.google.com/presentation/d/19vW9HFZ6Puxt31biNZF3uLRejDmu82rxJIk1cWmxF7w/edit' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the PodAutoscaler (from the client). - type: object - required: - - protocolType - - scaleTargetRef - properties: - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means unlimited concurrency. - type: integer - format: int64 - protocolType: - description: The application-layer protocol. Matches `ProtocolType` inferred from the revision spec. - type: string - reachability: - description: Reachability specifies whether or not the `ScaleTargetRef` can be reached (ie. has a route). Defaults to `ReachabilityUnknown` - type: string - scaleTargetRef: - description: ScaleTargetRef defines the /scale-able resource that this PodAutoscaler is responsible for quickly right-sizing. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-map-type: atomic - status: - description: Status communicates the observed state of the PodAutoscaler (from the controller). - type: object - required: - - metricsServiceName - - serviceName - properties: - actualScale: - description: ActualScale shows the actual number of replicas for the revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - desiredScale: - description: DesiredScale shows the current desired number of replicas for the revision. - type: integer - format: int32 - metricsServiceName: - description: MetricsServiceName is the K8s Service name that provides revision metrics. The service is managed by the PA object. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - serviceName: - description: ServiceName is the K8s Service name that serves the revision, scaled by this PA. The service is created and owned by the ServerlessService object owned by this PA. - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: revisions.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - names: - kind: Revision - plural: revisions - singular: revision - categories: - - all - - knative - - serving - shortNames: - - rev - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Config Name - type: string - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configuration']" - - name: K8s Service Name - type: string - jsonPath: ".status.serviceName" - - name: Generation - type: string # int in string form :( - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configurationGeneration']" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - name: Actual Replicas - type: integer - jsonPath: ".status.actualReplicas" - - name: Desired Replicas - type: integer - jsonPath: ".status.desiredReplicas" - schema: - openAPIV3Schema: - description: "Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#revision" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: RevisionStatus communicates the observed state of the Revision (from the controller). - type: object - properties: - actualReplicas: - description: ActualReplicas reflects the amount of ready pods running this revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - containerStatuses: - description: 'ContainerStatuses is a slice of images present in .Spec.Container[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - desiredReplicas: - description: DesiredReplicas reflects the desired amount of pods running this revision. - type: integer - format: int32 - initContainerStatuses: - description: 'InitContainerStatuses is a slice of images present in .Spec.InitContainer[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - logUrl: - description: LogURL specifies the generated logging url for this particular revision based on the revision url template specified in the controller's config. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: routes.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" -spec: - group: serving.knative.dev - names: - kind: Route - plural: routes - singular: route - categories: - - all - - knative - - serving - shortNames: - - rt - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready revision" changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#route' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Route (from the client). - type: object - properties: - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: Status communicates the observed state of the Route (from the controller). - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: serverlessservices.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ServerlessService is a proxy for the K8s service objects containing the endpoints for the revision, whether those are endpoints of the activator or revision pods. See: https://knative.page.link/naxz for details.' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - objectRef - - protocolType - properties: - mode: - description: Mode describes the mode of operation of the ServerlessService. - type: string - numActivators: - description: NumActivators contains number of Activators that this revision should be assigned. O means — assign all. - type: integer - format: int32 - objectRef: - description: ObjectRef defines the resource that this ServerlessService is responsible for making "serverless". - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - x-kubernetes-map-type: atomic - protocolType: - description: The application-layer protocol. Matches `RevisionProtocolType` set on the owning pa/revision. serving imports networking, so just use string. - type: string - status: - description: 'Status is the current state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateServiceName: - description: PrivateServiceName holds the name of a core K8s Service resource that load balances over the user service pods backing this Revision. - type: string - serviceName: - description: ServiceName holds the name of a core K8s Service resource that load balances over the pods backing this Revision (activator or revision). - type: string - additionalPrinterColumns: - - name: Mode - type: string - jsonPath: ".spec.mode" - - name: Activators - type: integer - jsonPath: ".spec.numActivators" - - name: ServiceName - type: string - jsonPath: ".status.serviceName" - - name: PrivateServiceName - type: string - jsonPath: ".status.privateServiceName" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: ServerlessService - plural: serverlessservices - singular: serverlessservice - categories: - - knative-internal - - networking - shortNames: - - sks - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: services.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Service - plural: services - singular: service - categories: - - all - - knative - - serving - shortNames: - - kservice - - ksvc - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: "Service acts as a top-level container that manages a Route and Configuration which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets), and its usage is optional but recommended. \n The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceSpec represents the configuration for the Service object. A Service's specification is the union of the specifications for a Route and Configuration. The Service restricts what can be expressed in these fields, e.g. the Route must reference the provided Configuration; however, these limitations also enable friendlier defaulting, e.g. Route never needs a Configuration name, and may be defaulted to the appropriate "run latest" spec. - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: ServiceStatus represents the Status stanza of the Service resource. - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2022 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - # Do not drop -ctrl-ca suffix as control-protocol requires it. - # https://github.com/knative-sandbox/control-protocol/blob/main/pkg/certificates/reconciler/controller.go - name: serving-certs-ctrl-ca - namespace: knative-serving - -# The data is populated when internal-encryption is enabled. ---- -apiVersion: v1 -kind: Secret -metadata: - name: knative-serving-certs - namespace: knative-serving - labels: - serving-certs-ctrl: "data-plane" - networking.internal.knative.dev/certificate-uid: "serving-certs" -# The data is populated when internal-encryption is enabled. - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: caching.internal.knative.dev/v1alpha1 -kind: Image -metadata: - name: queue-proxy - namespace: knative-serving - labels: - app.kubernetes.io/component: queue-proxy - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" -spec: - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/queue@sha256:f78383554ed81895ff230217f3e0ce9bf9ff2048d4303cc9fb36342ac3f470b3 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-autoscaler - namespace: knative-serving - labels: - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - annotations: - knative.dev/example-checksum: "47c2487f" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # The Revision ContainerConcurrency field specifies the maximum number - # of requests the Container can handle at once. Container concurrency - # target percentage is how much of that maximum to use in a stable - # state. E.g. if a Revision specifies ContainerConcurrency of 10, then - # the Autoscaler will try to maintain 7 concurrent connections per pod - # on average. - # Note: this limit will be applied to container concurrency set at every - # level (ConfigMap, Revision Spec or Annotation). - # For legacy and backwards compatibility reasons, this value also accepts - # fractional values in (0, 1] interval (i.e. 0.7 ⇒ 70%). - # Thus minimal percentage value must be greater than 1.0, or it will be - # treated as a fraction. - # NOTE: that this value does not affect actual number of concurrent requests - # the user container may receive, but only the average number of requests - # that the revision pods will receive. - container-concurrency-target-percentage: "70" - - # The container concurrency target default is what the Autoscaler will - # try to maintain when concurrency is used as the scaling metric for the - # Revision and the Revision specifies unlimited concurrency. - # When revision explicitly specifies container concurrency, that value - # will be used as a scaling target for autoscaler. - # When specifying unlimited concurrency, the autoscaler will - # horizontally scale the application based on this target concurrency. - # This is what we call "soft limit" in the documentation, i.e. it only - # affects number of pods and does not affect the number of requests - # individual pod processes. - # The value must be a positive number such that the value multiplied - # by container-concurrency-target-percentage is greater than 0.01. - # NOTE: that this value will be adjusted by application of - # container-concurrency-target-percentage, i.e. by default - # the system will target on average 70 concurrent requests - # per revision pod. - # NOTE: Only one metric can be used for autoscaling a Revision. - container-concurrency-target-default: "100" - - # The requests per second (RPS) target default is what the Autoscaler will - # try to maintain when RPS is used as the scaling metric for a Revision and - # the Revision specifies unlimited RPS. Even when specifying unlimited RPS, - # the autoscaler will horizontally scale the application based on this - # target RPS. - # Must be greater than 1.0. - # NOTE: Only one metric can be used for autoscaling a Revision. - requests-per-second-target-default: "200" - - # The target burst capacity specifies the size of burst in concurrent - # requests that the system operator expects the system will receive. - # Autoscaler will try to protect the system from queueing by introducing - # Activator in the request path if the current spare capacity of the - # service is less than this setting. - # If this setting is 0, then Activator will be in the request path only - # when the revision is scaled to 0. - # If this setting is > 0 and container-concurrency-target-percentage is - # 100% or 1.0, then activator will always be in the request path. - # -1 denotes unlimited target-burst-capacity and activator will always - # be in the request path. - # Other negative values are invalid. - target-burst-capacity: "211" - - # When operating in a stable mode, the autoscaler operates on the - # average concurrency over the stable window. - # Stable window must be in whole seconds. - stable-window: "60s" - - # When observed average concurrency during the panic window reaches - # panic-threshold-percentage the target concurrency, the autoscaler - # enters panic mode. When operating in panic mode, the autoscaler - # scales on the average concurrency over the panic window which is - # panic-window-percentage of the stable-window. - # Must be in the [1, 100] range. - # When computing the panic window it will be rounded to the closest - # whole second, at least 1s. - panic-window-percentage: "10.0" - - # The percentage of the container concurrency target at which to - # enter panic mode when reached within the panic window. - panic-threshold-percentage: "200.0" - - # Max scale up rate limits the rate at which the autoscaler will - # increase pod count. It is the maximum ratio of desired pods versus - # observed pods. - # Cannot be less or equal to 1. - # I.e with value of 2.0 the number of pods can at most go N to 2N - # over single Autoscaler period (2s), but at least N to - # N+1, if Autoscaler needs to scale up. - max-scale-up-rate: "1000.0" - - # Max scale down rate limits the rate at which the autoscaler will - # decrease pod count. It is the maximum ratio of observed pods versus - # desired pods. - # Cannot be less or equal to 1. - # I.e. with value of 2.0 the number of pods can at most go N to N/2 - # over single Autoscaler evaluation period (2s), but at - # least N to N-1, if Autoscaler needs to scale down. - max-scale-down-rate: "2.0" - - # Scale to zero feature flag. - enable-scale-to-zero: "true" - - # Scale to zero grace period is the time an inactive revision is left - # running before it is scaled to zero (must be positive, but recommended - # at least a few seconds if running with mesh networking). - # This is the upper limit and is provided not to enforce timeout after - # the revision stopped receiving requests for stable window, but to - # ensure network reprogramming to put activator in the path has completed. - # If the system determines that a shorter period is satisfactory, - # then the system will only wait that amount of time before scaling to 0. - # NOTE: this period might actually be 0, if activator has been - # in the request path sufficiently long. - # If there is necessity for the last pod to linger longer use - # scale-to-zero-pod-retention-period flag. - scale-to-zero-grace-period: "30s" - - # Scale to zero pod retention period defines the minimum amount - # of time the last pod will remain after Autoscaler has decided to - # scale to zero. - # This flag is for the situations where the pod startup is very expensive - # and the traffic is bursty (requiring smaller windows for fast action), - # but patchy. - # The larger of this flag and `scale-to-zero-grace-period` will effectively - # determine how the last pod will hang around. - scale-to-zero-pod-retention-period: "0s" - - # pod-autoscaler-class specifies the default pod autoscaler class - # that should be used if none is specified. If omitted, - # the Knative Pod Autoscaler (KPA) is used by default. - pod-autoscaler-class: "kpa.autoscaling.knative.dev" - - # The capacity of a single activator task. - # The `unit` is one concurrent request proxied by the activator. - # activator-capacity must be at least 1. - # This value is used for computation of the Activator subset size. - # See the algorithm here: http://bit.ly/38XiCZ3. - # TODO(vagababov): tune after actual benchmarking. - activator-capacity: "100.0" - - # initial-scale is the cluster-wide default value for the initial target - # scale of a revision after creation, unless overridden by the - # "autoscaling.knative.dev/initialScale" annotation. - # This value must be greater than 0 unless allow-zero-initial-scale is true. - initial-scale: "1" - - # allow-zero-initial-scale controls whether either the cluster-wide initial-scale flag, - # or the "autoscaling.knative.dev/initialScale" annotation, can be set to 0. - allow-zero-initial-scale: "false" - - # min-scale is the cluster-wide default value for the min scale of a revision, - # unless overridden by the "autoscaling.knative.dev/minScale" annotation. - min-scale: "0" - - # max-scale is the cluster-wide default value for the max scale of a revision, - # unless overridden by the "autoscaling.knative.dev/maxScale" annotation. - # If set to 0, the revision has no maximum scale. - max-scale: "0" - - # scale-down-delay is the amount of time that must pass at reduced - # concurrency before a scale down decision is applied. This can be useful, - # for example, to maintain replica count and avoid a cold start penalty if - # more requests come in within the scale down delay period. - # The default, 0s, imposes no delay at all. - scale-down-delay: "0s" - - # max-scale-limit sets the maximum permitted value for the max scale of a revision. - # When this is set to a positive value, a revision with a maxScale above that value - # (including a maxScale of "0" = unlimited) is disallowed. - # A value of zero (the default) allows any limit, including unlimited. - max-scale-limit: "0" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-defaults - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.3" - annotations: - knative.dev/example-checksum: "e7973912" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # revision-timeout-seconds contains the default number of - # seconds to use for the revision's per-request timeout, if - # none is specified. - revision-timeout-seconds: "300" # 5 minutes - - # max-revision-timeout-seconds contains the maximum number of - # seconds that can be used for revision-timeout-seconds. - # This value must be greater than or equal to revision-timeout-seconds. - # If omitted, the system default is used (600 seconds). - # - # If this value is increased, the activator's terminationGraceTimeSeconds - # should also be increased to prevent in-flight requests being disrupted. - max-revision-timeout-seconds: "600" # 10 minutes - - # revision-response-start-timeout-seconds contains the default number of - # seconds a request will be allowed to stay open while waiting to - # receive any bytes from the user's application, if none is specified. - # - # This defaults to 'revision-timeout-seconds' - revision-response-start-timeout-seconds: "300" - - # revision-idle-timeout-seconds contains the default number of - # seconds a request will be allowed to stay open while not receiving any - # bytes from the user's application, if none is specified. - revision-idle-timeout-seconds: "0" # infinite - - # revision-cpu-request contains the cpu allocation to assign - # to revisions by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-cpu-request. - # By default, it is not set by Knative. - revision-cpu-request: "400m" # 0.4 of a CPU (aka 400 milli-CPU) - - # revision-memory-request contains the memory allocation to assign - # to revisions by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-memory-request. - # By default, it is not set by Knative. - revision-memory-request: "100M" # 100 megabytes of memory - - # revision-ephemeral-storage-request contains the ephemeral storage - # allocation to assign to revisions by default. If omitted, no value is - # specified and the system default is used. - revision-ephemeral-storage-request: "500M" # 500 megabytes of storage - - # revision-cpu-limit contains the cpu allocation to limit - # revisions to by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-cpu-limit. - # By default, it is not set by Knative. - revision-cpu-limit: "1000m" # 1 CPU (aka 1000 milli-CPU) - - # revision-memory-limit contains the memory allocation to limit - # revisions to by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-memory-limit. - # By default, it is not set by Knative. - revision-memory-limit: "200M" # 200 megabytes of memory - - # revision-ephemeral-storage-limit contains the ephemeral storage - # allocation to limit revisions to by default. If omitted, no value is - # specified and the system default is used. - revision-ephemeral-storage-limit: "750M" # 750 megabytes of storage - - # container-name-template contains a template for the default - # container name, if none is specified. This field supports - # Go templating and is supplied with the ObjectMeta of the - # enclosing Service or Configuration, so values such as - # {{.Name}} are also valid. - container-name-template: "user-container" - - # init-container-name-template contains a template for the default - # init container name, if none is specified. This field supports - # Go templating and is supplied with the ObjectMeta of the - # enclosing Service or Configuration, so values such as - # {{.Name}} are also valid. - init-container-name-template: "init-container" - - # container-concurrency specifies the maximum number - # of requests the Container can handle at once, and requests - # above this threshold are queued. Setting a value of zero - # disables this throttling and lets through as many requests as - # the pod receives. - container-concurrency: "0" - - # The container concurrency max limit is an operator setting ensuring that - # the individual revisions cannot have arbitrary large concurrency - # values, or autoscaling targets. `container-concurrency` default setting - # must be at or below this value. - # - # Must be greater than 1. - # - # Note: even with this set, a user can choose a containerConcurrency - # of 0 (i.e. unbounded) unless allow-container-concurrency-zero is - # set to "false". - container-concurrency-max-limit: "1000" - - # allow-container-concurrency-zero controls whether users can - # specify 0 (i.e. unbounded) for containerConcurrency. - allow-container-concurrency-zero: "true" - - # enable-service-links specifies the default value used for the - # enableServiceLinks field of the PodSpec, when it is omitted by the user. - # See: https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#accessing-the-service - # - # This is a tri-state flag with possible values of (true|false|default). - # - # In environments with large number of services it is suggested - # to set this value to `false`. - # See https://github.com/knative/serving/issues/8498. - enable-service-links: "false" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-deployment - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.3" - annotations: - knative.dev/example-checksum: "dd7ee769" -data: - # This is the Go import path for the binary that is containerized - # and substituted here. - queue-sidecar-image: gcr.io/knative-releases/knative.dev/serving/cmd/queue@sha256:f78383554ed81895ff230217f3e0ce9bf9ff2048d4303cc9fb36342ac3f470b3 - _example: |- - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # List of repositories for which tag to digest resolving should be skipped - registries-skipping-tag-resolving: "kind.local,ko.local,dev.local" - - # Maximum time allowed for an image's digests to be resolved. - digest-resolution-timeout: "10s" - - # Duration we wait for the deployment to be ready before considering it failed. - progress-deadline: "600s" - - # Sets the queue proxy's CPU request. - # If omitted, a default value (currently "25m"), is used. - queue-sidecar-cpu-request: "25m" - - # Sets the queue proxy's CPU limit. - # If omitted, no value is specified and the system default is used. - queue-sidecar-cpu-limit: "1000m" - - # Sets the queue proxy's memory request. - # If omitted, no value is specified and the system default is used. - queue-sidecar-memory-request: "400Mi" - - # Sets the queue proxy's memory limit. - # If omitted, no value is specified and the system default is used. - queue-sidecar-memory-limit: "800Mi" - - # Sets the queue proxy's ephemeral storage request. - # If omitted, no value is specified and the system default is used. - queue-sidecar-ephemeral-storage-request: "512Mi" - - # Sets the queue proxy's ephemeral storage limit. - # If omitted, no value is specified and the system default is used. - queue-sidecar-ephemeral-storage-limit: "1024Mi" - - # The freezer service endpoint that queue-proxy calls when its traffic drops to zero or - # scales up from zero. - # - # Freezer service is available at: https://github.com/knative-sandbox/container-freezer - # or users may write their own service. - # - # The value will need to include both the host and the port that will be accessed. - # For the host, $HOST_IP can be passed, and the appropriate host IP value will be swapped - # in at runtime, which will enable the freezer daemonset to be reachable via the node IP. - # - # As an example: - # concurrency-state-endpoint: "http://$HOST_IP:9696" - # - # If not set, queue proxy takes no action (this is the default behavior). - # - # When enabled, a serviceAccountToken will be mounted to queue-proxy using - # a projected volume. This requires the Service Account Token Volume Projection feature - # to be enabled. For details, see this link: - # https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection - # - # NOTE THAT THIS IS AN EXPERIMENTAL / ALPHA FEATURE - concurrency-state-endpoint: "" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-domain - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.3" - annotations: - knative.dev/example-checksum: "26c09de5" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Default value for domain. - # Routes having the cluster domain suffix (by default 'svc.cluster.local') - # will not be exposed through Ingress. You can define your own label - # selector to assign that domain suffix to your Route here, or you can set - # the label - # "networking.knative.dev/visibility=cluster-local" - # to achieve the same effect. This shows how to make routes having - # the label app=secret only exposed to the local cluster. - svc.cluster.local: | - selector: - app: secret - - # These are example settings of domain. - # example.com will be used for all routes, but it is the least-specific rule so it - # will only be used if no other domain matches. - example.com: | - - # example.org will be used for routes having app=nonprofit. - example.org: | - selector: - app: nonprofit - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-features - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.3" - annotations: - knative.dev/example-checksum: "691a192e" -data: - _example: |- - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Indicates whether multi container support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#multi-containers - multi-container: "enabled" - - # Indicates whether Kubernetes affinity support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-node-affinity - kubernetes.podspec-affinity: "disabled" - - # Indicates whether Kubernetes topologySpreadConstraints support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-topology-spread-constraints - kubernetes.podspec-topologyspreadconstraints: "disabled" - - # Indicates whether Kubernetes hostAliases support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-host-aliases - kubernetes.podspec-hostaliases: "disabled" - - # Indicates whether Kubernetes nodeSelector support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-node-selector - kubernetes.podspec-nodeselector: "disabled" - - # Indicates whether Kubernetes tolerations support is enabled - # - # WARNING: Cannot safely be disabled once enabled - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-toleration - kubernetes.podspec-tolerations: "disabled" - - # Indicates whether Kubernetes FieldRef support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-fieldref - kubernetes.podspec-fieldref: "disabled" - - # Indicates whether Kubernetes RuntimeClassName support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-runtime-class - kubernetes.podspec-runtimeclassname: "disabled" - - # Indicates whether Kubernetes DNSPolicy support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-dnspolicy - kubernetes.podspec-dnspolicy: "disabled" - - # Indicates whether Kubernetes DNSConfig support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-dnsconfig - kubernetes.podspec-dnsconfig: "disabled" - - # This feature allows end-users to set a subset of fields on the Pod's SecurityContext - # - # When set to "enabled" or "allowed" it allows the following - # PodSecurityContext properties: - # - FSGroup - # - RunAsGroup - # - RunAsNonRoot - # - SupplementalGroups - # - RunAsUser - # - SeccompProfile - # - # This feature flag should be used with caution as the PodSecurityContext - # properties may have a side-effect on non-user sidecar containers that come - # from Knative or your service mesh - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-security-context - kubernetes.podspec-securitycontext: "disabled" - - # Indicates whether Kubernetes PriorityClassName support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-priority-class-name - kubernetes.podspec-priorityclassname: "disabled" - - # Indicates whether Kubernetes SchedulerName support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-scheduler-name - kubernetes.podspec-schedulername: "disabled" - - # This feature flag allows end-users to add a subset of capabilities on the Pod's SecurityContext. - # - # When set to "enabled" or "allowed" it allows capabilities to be added to the container. - # For a list of possible capabilities, see https://man7.org/linux/man-pages/man7/capabilities.7.html - kubernetes.containerspec-addcapabilities: "disabled" - - # This feature validates PodSpecs from the validating webhook - # against the K8s API Server. - # - # When "enabled", the server will always run the extra validation. - # When "allowed", the server will not run the dry-run validation by default. - # However, clients may enable the behavior on an individual Service by - # attaching the following metadata annotation: "features.knative.dev/podspec-dryrun":"enabled". - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-dry-run - kubernetes.podspec-dryrun: "allowed" - - # Controls whether tag header based routing feature are enabled or not. - # 1. Enabled: enabling tag header based routing - # 2. Disabled: disabling tag header based routing - # See: https://knative.dev/docs/serving/feature-flags/#tag-header-based-routing - tag-header-based-routing: "disabled" - - # Controls whether http2 auto-detection should be enabled or not. - # 1. Enabled: http2 connection will be attempted via upgrade. - # 2. Disabled: http2 connection will only be attempted when port name is set to "h2c". - autodetect-http2: "disabled" - - # Controls whether volume support for EmptyDir is enabled or not. - # 1. Enabled: enabling EmptyDir volume support - # 2. Disabled: disabling EmptyDir volume support - kubernetes.podspec-volumes-emptydir: "enabled" - - # Controls whether init containers support is enabled or not. - # 1. Enabled: enabling init containers support - # 2. Disabled: disabling init containers support - kubernetes.podspec-init-containers: "disabled" - - # Controls whether persistent volume claim support is enabled or not. - # 1. Enabled: enabling persistent volume claim support - # 2. Disabled: disabling persistent volume claim support - kubernetes.podspec-persistent-volume-claim: "disabled" - - # Controls whether write access for persistent volumes is enabled or not. - # 1. Enabled: enabling write access for persistent volumes - # 2. Disabled: disabling write access for persistent volumes - kubernetes.podspec-persistent-volume-write: "disabled" - - # Controls if the queue proxy podInfo feature is enabled, allowed or disabled - # - # This feature should be enabled/allowed when using queue proxy Options (Extensions) - # Enabling will mount a podInfo volume to the queue proxy container. - # The volume will contains an 'annotations' file (from the pod's annotation field). - # The annotations in this file include the Service annotations set by the client creating the service. - # If mounted, the annotations can be accessed by queue proxy extensions at /etc/podinfo/annnotations - # - # 1. "enabled": always mount a podInfo volume - # 2. "disabled": never mount a podInfo volume - # 3. "allowed": by default, do not mount a podInfo volume - # However, a client may mount the podInfo volume on an individual Service by attaching - # the following metadata annotation to the Service: "features.knative.dev/queueproxy-podinfo":"enabled". - # - # NOTE THAT THIS IS AN EXPERIMENTAL / ALPHA FEATURE - queueproxy.mount-podinfo: "disabled" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-gc - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.3" - annotations: - knative.dev/example-checksum: "aa3813a8" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # --------------------------------------- - # Garbage Collector Settings - # --------------------------------------- - # - # Active - # * Revisions which are referenced by a Route are considered active. - # * Individual revisions may be marked with the annotation - # "serving.knative.dev/no-gc":"true" to be permanently considered active. - # * Active revisions are not considered for GC. - # Retention - # * Revisions are retained if they are any of the following: - # 1. Active - # 2. Were created within "retain-since-create-time" - # 3. Were last referenced by a route within - # "retain-since-last-active-time" - # 4. There are fewer than "min-non-active-revisions" - # If none of these conditions are met, or if the count of revisions exceed - # "max-non-active-revisions", they will be deleted by GC. - # The special value "disabled" may be used to turn off these limits. - # - # Example config to immediately collect any inactive revision: - # min-non-active-revisions: "0" - # max-non-active-revisions: "0" - # retain-since-create-time: "disabled" - # retain-since-last-active-time: "disabled" - # - # Example config to always keep around the last ten non-active revisions: - # retain-since-create-time: "disabled" - # retain-since-last-active-time: "disabled" - # max-non-active-revisions: "10" - # - # Example config to disable all garbage collection: - # retain-since-create-time: "disabled" - # retain-since-last-active-time: "disabled" - # max-non-active-revisions: "disabled" - # - # Example config to keep recently deployed or active revisions, - # always maintain the last two in case of rollback, and prevent - # burst activity from exploding the count of old revisions: - # retain-since-create-time: "48h" - # retain-since-last-active-time: "15h" - # min-non-active-revisions: "2" - # max-non-active-revisions: "1000" - - # Duration since creation before considering a revision for GC or "disabled". - retain-since-create-time: "48h" - - # Duration since active before considering a revision for GC or "disabled". - retain-since-last-active-time: "15h" - - # Minimum number of non-active revisions to retain. - min-non-active-revisions: "20" - - # Maximum number of non-active revisions to retain - # or "disabled" to disable any maximum limit. - max-non-active-revisions: "1000" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-leader-election - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.3" - annotations: - knative.dev/example-checksum: "f4b71f57" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # lease-duration is how long non-leaders will wait to try to acquire the - # lock; 15 seconds is the value used by core kubernetes controllers. - lease-duration: "60s" - - # renew-deadline is how long a leader will try to renew the lease before - # giving up; 10 seconds is the value used by core kubernetes controllers. - renew-deadline: "40s" - - # retry-period is how long the leader election client waits between tries of - # actions; 2 seconds is the value used by core kubernetes controllers. - retry-period: "10s" - - # buckets is the number of buckets used to partition key space of each - # Reconciler. If this number is M and the replica number of the controller - # is N, the N replicas will compete for the M buckets. The owner of a - # bucket will take care of the reconciling for the keys partitioned into - # that bucket. - buckets: "1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-logging - namespace: knative-serving - labels: - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/component: logging - app.kubernetes.io/name: knative-serving - annotations: - knative.dev/example-checksum: "b0f3c6f2" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Common configuration for all Knative codebase - zap-logger-config: | - { - "level": "info", - "development": false, - "outputPaths": ["stdout"], - "errorOutputPaths": ["stderr"], - "encoding": "json", - "encoderConfig": { - "timeKey": "timestamp", - "levelKey": "severity", - "nameKey": "logger", - "callerKey": "caller", - "messageKey": "message", - "stacktraceKey": "stacktrace", - "lineEnding": "", - "levelEncoder": "", - "timeEncoder": "iso8601", - "durationEncoder": "", - "callerEncoder": "" - } - } - - # Log level overrides - # For all components except the queue proxy, - # changes are picked up immediately. - # For queue proxy, changes require recreation of the pods. - loglevel.controller: "info" - loglevel.autoscaler: "info" - loglevel.queueproxy: "info" - loglevel.webhook: "info" - loglevel.activator: "info" - loglevel.hpaautoscaler: "info" - loglevel.net-certmanager-controller: "info" - loglevel.net-istio-controller: "info" - loglevel.net-contour-controller: "info" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-network - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.3" - annotations: - knative.dev/example-checksum: "73d96d1b" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # ingress-class specifies the default ingress class - # to use when not dictated by Route annotation. - # - # If not specified, will use the Istio ingress. - # - # Note that changing the Ingress class of an existing Route - # will result in undefined behavior. Therefore it is best to only - # update this value during the setup of Knative, to avoid getting - # undefined behavior. - ingress-class: "istio.ingress.networking.knative.dev" - - # certificate-class specifies the default Certificate class - # to use when not dictated by Route annotation. - # - # If not specified, will use the Cert-Manager Certificate. - # - # Note that changing the Certificate class of an existing Route - # will result in undefined behavior. Therefore it is best to only - # update this value during the setup of Knative, to avoid getting - # undefined behavior. - certificate-class: "cert-manager.certificate.networking.knative.dev" - - # namespace-wildcard-cert-selector specifies a LabelSelector which - # determines which namespaces should have a wildcard certificate - # provisioned. - # - # Use an empty value to disable the feature (this is the default): - # namespace-wildcard-cert-selector: "" - # - # Use an empty object to enable for all namespaces - # namespace-wildcard-cert-selector: {} - # - # Useful labels include the "kubernetes.io/metadata.name" label to - # avoid provisioning a certifcate for the "kube-system" namespaces. - # Use the following selector to match pre-1.0 behavior of using - # "networking.knative.dev/disableWildcardCert" to exclude namespaces: - # - # matchExpressions: - # - key: "networking.knative.dev/disableWildcardCert" - # operator: "NotIn" - # values: ["true"] - namespace-wildcard-cert-selector: "" - - # domain-template specifies the golang text template string to use - # when constructing the Knative service's DNS name. The default - # value is "{{.Name}}.{{.Namespace}}.{{.Domain}}". - # - # Valid variables defined in the template include Name, Namespace, Domain, - # Labels, and Annotations. Name will be the result of the tagTemplate - # below, if a tag is specified for the route. - # - # Changing this value might be necessary when the extra levels in - # the domain name generated is problematic for wildcard certificates - # that only support a single level of domain name added to the - # certificate's domain. In those cases you might consider using a value - # of "{{.Name}}-{{.Namespace}}.{{.Domain}}", or removing the Namespace - # entirely from the template. When choosing a new value be thoughtful - # of the potential for conflicts - for example, when users choose to use - # characters such as `-` in their service, or namespace, names. - # {{.Annotations}} or {{.Labels}} can be used for any customization in the - # go template if needed. - # We strongly recommend keeping namespace part of the template to avoid - # domain name clashes: - # eg. '{{.Name}}-{{.Namespace}}.{{ index .Annotations "sub"}}.{{.Domain}}' - # and you have an annotation {"sub":"foo"}, then the generated template - # would be {Name}-{Namespace}.foo.{Domain} - domain-template: "{{.Name}}.{{.Namespace}}.{{.Domain}}" - - # tagTemplate specifies the golang text template string to use - # when constructing the DNS name for "tags" within the traffic blocks - # of Routes and Configuration. This is used in conjunction with the - # domainTemplate above to determine the full URL for the tag. - tag-template: "{{.Tag}}-{{.Name}}" - - # Controls whether TLS certificates are automatically provisioned and - # installed in the Knative ingress to terminate external TLS connection. - # 1. Enabled: enabling auto-TLS feature. - # 2. Disabled: disabling auto-TLS feature. - auto-tls: "Disabled" - - # Controls the behavior of the HTTP endpoint for the Knative ingress. - # It requires autoTLS to be enabled. - # 1. Enabled: The Knative ingress will be able to serve HTTP connection. - # 2. Redirected: The Knative ingress will send a 301 redirect for all - # http connections, asking the clients to use HTTPS. - # - # "Disabled" option is deprecated. - http-protocol: "Enabled" - - # rollout-duration contains the minimal duration in seconds over which the - # Configuration traffic targets are rolled out to the newest revision. - rollout-duration: "0" - - # autocreate-cluster-domain-claims controls whether ClusterDomainClaims should - # be automatically created (and deleted) as needed when DomainMappings are - # reconciled. - # - # If this is "false" (the default), the cluster administrator is - # responsible for creating ClusterDomainClaims and delegating them to - # namespaces via their spec.Namespace field. This setting should be used in - # multitenant environments which need to control which namespace can use a - # particular domain name in a domain mapping. - # - # If this is "true", users are able to associate arbitrary names with their - # services via the DomainMapping feature. - autocreate-cluster-domain-claims: "false" - - # If true, networking plugins can add additional information to deployed - # applications to make their pods directly accessible via their IPs even if mesh is - # enabled and thus direct-addressability is usually not possible. - # Consumers like Knative Serving can use this setting to adjust their behavior - # accordingly, i.e. to drop fallback solutions for non-pod-addressable systems. - # - # NOTE: This flag is in an alpha state and is mostly here to enable internal testing - # for now. Use with caution. - enable-mesh-pod-addressability: "false" - - # mesh-compatibility-mode indicates whether consumers of network plugins - # should directly contact Pod IPs (most efficient), or should use the - # Cluster IP (less efficient, needed when mesh is enabled unless - # `enable-mesh-pod-addressability`, above, is set). - # Permitted values are: - # - "auto" (default): automatically determine which mesh mode to use by trying Pod IP and falling back to Cluster IP as needed. - # - "enabled": always use Cluster IP and do not attempt to use Pod IPs. - # - "disabled": always use Pod IPs and do not fall back to Cluster IP on failure. - mesh-compatibility-mode: "auto" - - # Defines the scheme used for external URLs if autoTLS is not enabled. - # This can be used for making Knative report all URLs as "HTTPS" for example, if you're - # fronting Knative with an external loadbalancer that deals with TLS termination and - # Knative doesn't know about that otherwise. - default-external-scheme: "http" - - # internal-encryption indicates whether internal traffic is encrypted or not. - # If this is "true", the following traffic are encrypted: - # - ingress to activator - # - ingress to queue-proxy - # - activator to queue-proxy - # - # NOTE: This flag is in an alpha state and is mostly here to enable internal testing - # for now. Use with caution. - internal-encryption: "false" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: observability - app.kubernetes.io/version: "1.8.3" - annotations: - knative.dev/example-checksum: "fed4756e" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # logging.enable-var-log-collection defaults to false. - # The fluentd daemon set will be set up to collect /var/log if - # this flag is true. - logging.enable-var-log-collection: "false" - - # logging.revision-url-template provides a template to use for producing the - # logging URL that is injected into the status of each Revision. - logging.revision-url-template: "http://logging.example.com/?revisionUID=${REVISION_UID}" - - # If non-empty, this enables queue proxy writing user request logs to stdout, excluding probe - # requests. - # NB: after 0.18 release logging.enable-request-log must be explicitly set to true - # in order for request logging to be enabled. - # - # The value determines the shape of the request logs and it must be a valid go text/template. - # It is important to keep this as a single line. Multiple lines are parsed as separate entities - # by most collection agents and will split the request logs into multiple records. - # - # The following fields and functions are available to the template: - # - # Request: An http.Request (see https://golang.org/pkg/net/http/#Request) - # representing an HTTP request received by the server. - # - # Response: - # struct { - # Code int // HTTP status code (see https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml) - # Size int // An int representing the size of the response. - # Latency float64 // A float64 representing the latency of the response in seconds. - # } - # - # Revision: - # struct { - # Name string // Knative revision name - # Namespace string // Knative revision namespace - # Service string // Knative service name - # Configuration string // Knative configuration name - # PodName string // Name of the pod hosting the revision - # PodIP string // IP of the pod hosting the revision - # } - # - logging.request-log-template: '{"httpRequest": {"requestMethod": "{{.Request.Method}}", "requestUrl": "{{js .Request.RequestURI}}", "requestSize": "{{.Request.ContentLength}}", "status": {{.Response.Code}}, "responseSize": "{{.Response.Size}}", "userAgent": "{{js .Request.UserAgent}}", "remoteIp": "{{js .Request.RemoteAddr}}", "serverIp": "{{.Revision.PodIP}}", "referer": "{{js .Request.Referer}}", "latency": "{{.Response.Latency}}s", "protocol": "{{.Request.Proto}}"}, "traceId": "{{index .Request.Header "X-B3-Traceid"}}"}' - - # If true, the request logging will be enabled. - # NB: up to and including Knative version 0.18 if logging.request-log-template is non-empty, this value - # will be ignored. - logging.enable-request-log: "false" - - # If true, this enables queue proxy writing request logs for probe requests to stdout. - # It uses the same template for user requests, i.e. logging.request-log-template. - logging.enable-probe-request-log: "false" - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or opencensus. - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. It enables queue proxy to send request metrics. - # Currently supported values: prometheus (the default), opencensus. - metrics.request-metrics-backend-destination: prometheus - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Serving pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: tracing - app.kubernetes.io/version: "1.8.3" - annotations: - knative.dev/example-checksum: "26614636" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none" (default) - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: activator - namespace: knative-serving - labels: - app.kubernetes.io/component: activator - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" -spec: - minReplicas: 1 - maxReplicas: 20 - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: activator - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - # Percentage of the requested CPU - averageUtilization: 100 ---- -# Activator PDB. Currently we permit unavailability of 20% of tasks at the same time. -# Given the subsetting and that the activators are partially stateful systems, we want -# a slow rollout of the new versions and slow migration during node upgrades. -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: activator-pdb - namespace: knative-serving - labels: - app.kubernetes.io/component: activator - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" -spec: - minAvailable: 80% - selector: - matchLabels: - app: activator - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: activator - namespace: knative-serving - labels: - app.kubernetes.io/component: activator - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-serving -spec: - selector: - matchLabels: - app: activator - role: activator - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: activator - role: activator - app.kubernetes.io/component: activator - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - spec: - serviceAccountName: controller - containers: - - name: activator - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/activator@sha256:24c6c8de9a6872ca796a13d1e8324a4dd250aacc5094975b60ce235122abb97f - # The numbers are based on performance test results from - # https://github.com/knative/serving/issues/1625#issuecomment-511930023 - resources: - requests: - cpu: 300m - memory: 60Mi - limits: - cpu: 1000m - memory: 600Mi - env: - # Run Activator with GC collection when newly generated memory is 500%. - - name: GOGC - value: "500" - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/internal/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: http1 - containerPort: 8012 - - name: h2c - containerPort: 8013 - readinessProbe: - httpGet: - port: 8012 - httpHeaders: - - name: k-kubelet-probe - value: "activator" - periodSeconds: 5 - failureThreshold: 5 - livenessProbe: - httpGet: - port: 8012 - httpHeaders: - - name: k-kubelet-probe - value: "activator" - periodSeconds: 10 - failureThreshold: 12 - initialDelaySeconds: 15 - # The activator (often) sits on the dataplane, and may proxy long (e.g. - # streaming, websockets) requests. We give a long grace period for the - # activator to "lame duck" and drain outstanding requests before we - # forcibly terminate the pod (and outstanding connections). This value - # should be at least as large as the upper bound on the Revision's - # timeoutSeconds property to avoid servicing events disrupting - # connections. - terminationGracePeriodSeconds: 600 ---- -apiVersion: v1 -kind: Service -metadata: - name: activator-service - namespace: knative-serving - labels: - app: activator - app.kubernetes.io/component: activator - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-serving -spec: - selector: - app: activator - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: http - port: 80 - targetPort: 8012 - - name: http2 - port: 81 - targetPort: 8013 - - name: https - port: 443 - targetPort: 8112 - type: ClusterIP - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: autoscaler - namespace: knative-serving - labels: - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" -spec: - replicas: 1 - selector: - matchLabels: - app: autoscaler - strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 0 - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: autoscaler - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: autoscaler - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: autoscaler - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/autoscaler@sha256:f26a8b516112413cbba4244b36202354d1c98ed209301b255c55958213708a78 - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 1000m - memory: 1000Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: websocket - containerPort: 8080 - readinessProbe: - httpGet: - port: 8080 - httpHeaders: - - name: k-kubelet-probe - value: "autoscaler" - livenessProbe: - httpGet: - port: 8080 - httpHeaders: - - name: k-kubelet-probe - value: "autoscaler" - failureThreshold: 6 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: autoscaler - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - name: autoscaler - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: http - port: 8080 - targetPort: 8080 - selector: - app: autoscaler - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: controller - namespace: knative-serving - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" -spec: - selector: - matchLabels: - app: controller - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - labels: - app: controller - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: controller - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/controller@sha256:ea48ea2f2433cc7e5c25940e79465ca7226750260faaa1724b95dd8cfac92034 - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 1000m - memory: 1000Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/internal/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: controller - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - name: controller - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - selector: - app: controller - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: domain-mapping - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" -spec: - selector: - matchLabels: - app: domain-mapping - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - labels: - app: domain-mapping - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: domain-mapping - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: domain-mapping - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/domain-mapping@sha256:9197c51406208c8f3cc98c2b1f69ed2ba8b88e11cf765616700abecc5dd18350 - resources: - requests: - cpu: 30m - memory: 40Mi - limits: - cpu: 300m - memory: 400Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: domainmapping-webhook - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" -spec: - selector: - matchLabels: - app: domainmapping-webhook - role: domainmapping-webhook - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: domainmapping-webhook - role: domainmapping-webhook - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: domainmapping-webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: domainmapping-webhook - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/domain-mapping-webhook@sha256:1b6e7f382c878f8ac168ce36a92f1af4dbdac0f61aae9e73fe899486786a4bbf - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 500m - memory: 500Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: WEBHOOK_PORT - value: "8443" - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - failureThreshold: 6 - initialDelaySeconds: 20 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - role: domainmapping-webhook - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - name: domainmapping-webhook - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: domainmapping-webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: webhook - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" -spec: - minReplicas: 1 - maxReplicas: 5 - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: webhook - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - # Percentage of the requested CPU - averageUtilization: 100 ---- -# Webhook PDB. -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: webhook-pdb - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" -spec: - minAvailable: 80% - selector: - matchLabels: - app: webhook - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: webhook - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-serving -spec: - selector: - matchLabels: - app: webhook - role: webhook - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: webhook - role: webhook - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-serving - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: webhook - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/webhook@sha256:e271d46b5168e25e9742f6f33a461cfcdc17b2460d4355fff7fe0c71fc1e4378 - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 500m - memory: 500Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: WEBHOOK_NAME - value: webhook - - name: WEBHOOK_PORT - value: "8443" - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/internal/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - failureThreshold: 6 - initialDelaySeconds: 20 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - role: webhook - app.kubernetes.io/component: webhook - app.kubernetes.io/version: "1.8.3" - app.kubernetes.io/name: knative-serving - name: webhook - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: config.webhook.serving.knative.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: config.webhook.serving.knative.dev - objectSelector: - matchExpressions: - - key: app.kubernetes.io/name - operator: In - values: ["knative-serving"] - - key: app.kubernetes.io/component - operator: In - values: ["autoscaler", "controller", "logging", "networking", "observability", "tracing"] - timeoutSeconds: 10 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.serving.knative.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: webhook.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - autoscaling.internal.knative.dev - - networking.internal.knative.dev - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - scope: "*" - resources: - - metrics - - podautoscalers - - certificates - - ingresses - - serverlessservices - - configurations - - revisions - - routes - - services - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.domainmapping.serving.knative.dev - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: domainmapping-webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: webhook.domainmapping.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - scope: "*" - resources: - - domainmappings - - domainmappings/status - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: domainmapping-webhook-certs - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" -# The data is populated at install time. - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.domainmapping.serving.knative.dev - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: domainmapping-webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: validation.webhook.domainmapping.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - - DELETE - scope: "*" - resources: - - domainmappings - - domainmappings/status - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.serving.knative.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: validation.webhook.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - autoscaling.internal.knative.dev - - networking.internal.knative.dev - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - - DELETE - scope: "*" - resources: - - metrics - - podautoscalers - - certificates - - ingresses - - serverlessservices - - configurations - - revisions - - routes - - services - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: webhook-certs - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" -# The data is populated at install time. - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.3/3-serving-hpa.yaml b/cmd/operator/kodata/knative-serving/1.8.3/3-serving-hpa.yaml deleted file mode 100644 index ecfba1d621..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.3/3-serving-hpa.yaml +++ /dev/null @@ -1,112 +0,0 @@ -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: autoscaler-hpa - namespace: knative-serving - labels: - autoscaling.knative.dev/autoscaler-provider: hpa - app.kubernetes.io/component: autoscaler-hpa - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" -spec: - selector: - matchLabels: - app: autoscaler-hpa - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - labels: - app: autoscaler-hpa - app.kubernetes.io/component: autoscaler-hpa - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: autoscaler-hpa - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: autoscaler-hpa - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/autoscaler-hpa@sha256:456bbce2636a26675c38986502bcef91c25d7ef1c28da203861d42c673102188 - resources: - requests: - cpu: 30m - memory: 40Mi - limits: - cpu: 300m - memory: 400Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: autoscaler-hpa - autoscaling.knative.dev/autoscaler-provider: hpa - app.kubernetes.io/component: autoscaler-hpa - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.3" - name: autoscaler-hpa - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - selector: - app: autoscaler-hpa - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.3/4-serving-post-install-jobs.yaml b/cmd/operator/kodata/knative-serving/1.8.3/4-serving-post-install-jobs.yaml deleted file mode 100644 index c4ebc3958b..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.3/4-serving-post-install-jobs.yaml +++ /dev/null @@ -1,70 +0,0 @@ - ---- -# /tmp/knative.RIZ7CG6p/tmp.ObkRQU2FHH/serving-storage-version-migration.yaml -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: batch/v1 -kind: Job -metadata: - generateName: storage-version-migration-serving- - namespace: knative-serving - labels: - app: storage-version-migration-serving - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.3" -spec: - ttlSecondsAfterFinished: 600 - backoffLimit: 10 - template: - metadata: - annotations: - sidecar.istio.io/inject: "false" - labels: - app: storage-version-migration-serving - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.3" - spec: - serviceAccountName: controller - restartPolicy: OnFailure - containers: - - name: migrate - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:b57e1f0a597cdb065271389230359979b129f6fa7f9549c5678a9806884be003 - args: - - "services.serving.knative.dev" - - "configurations.serving.knative.dev" - - "revisions.serving.knative.dev" - - "routes.serving.knative.dev" - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 1000m - memory: 1000Mi - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.4/1-serving-crds.yaml b/cmd/operator/kodata/knative-serving/1.8.4/1-serving-crds.yaml deleted file mode 100644 index ebbeeecfae..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.4/1-serving-crds.yaml +++ /dev/null @@ -1,4032 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: certificates.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Certificate is responsible for provisioning a SSL certificate for the given hosts. It is a Knative abstraction for various SSL certificate provisioning solutions (such as cert-manager or self-signed SSL certificate). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - dnsNames - - secretName - properties: - dnsNames: - description: DNSNames is a list of DNS names the Certificate could support. The wildcard format of DNSNames (e.g. *.default.example.com) is supported. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret resource to store the SSL certificate in. - type: string - status: - description: 'Status is the current state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - http01Challenges: - description: HTTP01Challenges is a list of HTTP01 challenges that need to be fulfilled in order to get the TLS certificate.. - type: array - items: - description: HTTP01Challenge defines the status of a HTTP01 challenge that a certificate needs to fulfill. - type: object - properties: - serviceName: - description: ServiceName is the name of the service to serve HTTP01 challenge requests. - type: string - serviceNamespace: - description: ServiceNamespace is the namespace of the service to serve HTTP01 challenge requests. - type: string - servicePort: - description: ServicePort is the port of the service to serve HTTP01 challenge requests. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - url: - description: URL is the URL that the HTTP01 challenge is expected to serve on. - type: string - notAfter: - description: The expiration time of the TLS certificate stored in the secret named by this resource in spec.secretName. - type: string - format: date-time - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Certificate - plural: certificates - singular: certificate - categories: - - knative-internal - - networking - shortNames: - - kcert - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: configurations.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Configuration - plural: configurations - singular: configuration - categories: - - all - - knative - - serving - shortNames: - - config - - cfg - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Configuration represents the "floating HEAD" of a linear history of Revisions. Users create new Revisions by updating the Configuration''s spec. The "latest created" revision''s name is available under status, as is the "latest ready" revision''s name. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#configuration' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ConfigurationSpec holds the desired state of the Configuration (from the client). - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: ConfigurationStatus communicates the observed state of the Configuration (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusterdomainclaims.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: ClusterDomainClaim is a cluster-wide reservation for a particular domain name. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ClusterDomainClaim. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - namespace - properties: - namespace: - description: Namespace is the namespace which is allowed to create a DomainMapping using this ClusterDomainClaim's name. - type: string - names: - kind: ClusterDomainClaim - plural: clusterdomainclaims - singular: clusterdomainclaim - categories: - - knative-internal - - networking - shortNames: - - cdc - scope: Cluster - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: domainmappings.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - versions: - - name: v1beta1 - served: true - storage: false - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - "schema": - "openAPIV3Schema": - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: DomainMapping - plural: domainmappings - singular: domainmapping - categories: - - all - - knative - - serving - shortNames: - - dm - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: ingresses.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable URLs, load balance traffic, offer name based virtual hosting, etc. \n This is heavily based on K8s Ingress https://godoc.org/k8s.io/api/networking/v1beta1#Ingress which some highlighted modifications." - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - httpOption: - description: 'HTTPOption is the option of HTTP. It has the following two values: `HTTPOptionEnabled`, `HTTPOptionRedirected`' - type: string - rules: - description: A list of host rules used to configure the Ingress. - type: array - items: - description: IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue. - type: object - properties: - hosts: - description: 'Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the "host" part of the URI as defined in the RFC: 1. IPs are not allowed. Currently a rule value can only apply to the IP in the Spec of the parent . 2. The `:` delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue. If multiple matching Hosts were provided, the first rule will take precedent.' - type: array - items: - type: string - http: - description: HTTP represents a rule to apply against incoming requests. If the rule is satisfied, the request is routed to the specified backend. - type: object - required: - - paths - properties: - paths: - description: "A collection of paths that map requests to backends. \n If they are multiple matching paths, the first match takes precedence." - type: array - items: - description: HTTPIngressPath associates a path regex with a backend. Incoming URLs matching the path are forwarded to the backend. - type: object - required: - - splits - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - headers: - description: Headers defines header matching rules which is a map from a header name to HeaderMatch which specify a matching condition. When a request matched with all the header matching rules, the request is routed by the corresponding ingress rule. If it is empty, the headers are not used for matching - type: object - additionalProperties: - description: HeaderMatch represents a matching value of Headers in HTTPIngressPath. Currently, only the exact matching is supported. - type: object - required: - - exact - properties: - exact: - type: string - path: - description: Path represents a literal prefix to which this rule should apply. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a '/'. If unspecified, the path defaults to a catch all sending traffic to the backend. - type: string - rewriteHost: - description: "RewriteHost rewrites the incoming request's host header. \n This field is currently experimental and not supported by all Ingress implementations." - type: string - splits: - description: Splits defines the referenced service endpoints to which the traffic will be forwarded to. - type: array - items: - description: IngressBackendSplit describes all endpoints for a given service and port. - type: object - required: - - serviceName - - serviceNamespace - - servicePort - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - percent: - description: "Specifies the split percentage, a number between 0 and 100. If only one split is specified, we default to 100. \n NOTE: This differs from K8s Ingress to allow percentage split." - type: integer - serviceName: - description: Specifies the name of the referenced service. - type: string - serviceNamespace: - description: "Specifies the namespace of the referenced service. \n NOTE: This differs from K8s Ingress to allow routing to different namespaces." - type: string - servicePort: - description: Specifies the port of the referenced service. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - visibility: - description: Visibility signifies whether this rule should `ClusterLocal`. If it's not specified then it defaults to `ExternalIP`. - type: string - tls: - description: 'TLS configuration. Currently Ingress only supports a single TLS port: 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.' - type: array - items: - description: IngressTLS describes the transport layer security associated with an Ingress. - type: object - properties: - hosts: - description: Hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret used to terminate SSL traffic. - type: string - secretNamespace: - description: SecretNamespace is the namespace of the secret used to terminate SSL traffic. If not set the namespace should be assumed to be the same as the Ingress. If set the secret should have the same namespace as the Ingress otherwise the behaviour is undefined and not supported. - type: string - status: - description: 'Status is the current state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateLoadBalancer: - description: PrivateLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - publicLoadBalancer: - description: PublicLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: Ingress - plural: ingresses - singular: ingress - categories: - - knative-internal - - networking - shortNames: - - kingress - - king - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: metrics.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: Metric - plural: metrics - singular: metric - categories: - - knative-internal - - autoscaling - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: Metric represents a resource to configure the metric collector with. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Metric (from the client). - type: object - required: - - panicWindow - - scrapeTarget - - stableWindow - properties: - panicWindow: - description: PanicWindow is the aggregation window for metrics where quick reactions are needed. - type: integer - format: int64 - scrapeTarget: - description: ScrapeTarget is the K8s service that publishes the metric endpoint. - type: string - stableWindow: - description: StableWindow is the aggregation window for metrics in a stable state. - type: integer - format: int64 - status: - description: Status communicates the observed state of the Metric (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: podautoscalers.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: PodAutoscaler - plural: podautoscalers - singular: podautoscaler - categories: - - knative-internal - - autoscaling - shortNames: - - kpa - - pa - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: DesiredScale - type: integer - jsonPath: ".status.desiredScale" - - name: ActualScale - type: integer - jsonPath: ".status.actualScale" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'PodAutoscaler is a Knative abstraction that encapsulates the interface by which Knative components instantiate autoscalers. This definition is an abstraction that may be backed by multiple definitions. For more information, see the Knative Pluggability presentation: https://docs.google.com/presentation/d/19vW9HFZ6Puxt31biNZF3uLRejDmu82rxJIk1cWmxF7w/edit' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the PodAutoscaler (from the client). - type: object - required: - - protocolType - - scaleTargetRef - properties: - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means unlimited concurrency. - type: integer - format: int64 - protocolType: - description: The application-layer protocol. Matches `ProtocolType` inferred from the revision spec. - type: string - reachability: - description: Reachability specifies whether or not the `ScaleTargetRef` can be reached (ie. has a route). Defaults to `ReachabilityUnknown` - type: string - scaleTargetRef: - description: ScaleTargetRef defines the /scale-able resource that this PodAutoscaler is responsible for quickly right-sizing. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-map-type: atomic - status: - description: Status communicates the observed state of the PodAutoscaler (from the controller). - type: object - required: - - metricsServiceName - - serviceName - properties: - actualScale: - description: ActualScale shows the actual number of replicas for the revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - desiredScale: - description: DesiredScale shows the current desired number of replicas for the revision. - type: integer - format: int32 - metricsServiceName: - description: MetricsServiceName is the K8s Service name that provides revision metrics. The service is managed by the PA object. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - serviceName: - description: ServiceName is the K8s Service name that serves the revision, scaled by this PA. The service is created and owned by the ServerlessService object owned by this PA. - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: revisions.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - names: - kind: Revision - plural: revisions - singular: revision - categories: - - all - - knative - - serving - shortNames: - - rev - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Config Name - type: string - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configuration']" - - name: K8s Service Name - type: string - jsonPath: ".status.serviceName" - - name: Generation - type: string # int in string form :( - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configurationGeneration']" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - name: Actual Replicas - type: integer - jsonPath: ".status.actualReplicas" - - name: Desired Replicas - type: integer - jsonPath: ".status.desiredReplicas" - schema: - openAPIV3Schema: - description: "Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#revision" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: RevisionStatus communicates the observed state of the Revision (from the controller). - type: object - properties: - actualReplicas: - description: ActualReplicas reflects the amount of ready pods running this revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - containerStatuses: - description: 'ContainerStatuses is a slice of images present in .Spec.Container[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - desiredReplicas: - description: DesiredReplicas reflects the desired amount of pods running this revision. - type: integer - format: int32 - initContainerStatuses: - description: 'InitContainerStatuses is a slice of images present in .Spec.InitContainer[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - logUrl: - description: LogURL specifies the generated logging url for this particular revision based on the revision url template specified in the controller's config. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: routes.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" -spec: - group: serving.knative.dev - names: - kind: Route - plural: routes - singular: route - categories: - - all - - knative - - serving - shortNames: - - rt - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready revision" changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#route' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Route (from the client). - type: object - properties: - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: Status communicates the observed state of the Route (from the controller). - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: serverlessservices.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ServerlessService is a proxy for the K8s service objects containing the endpoints for the revision, whether those are endpoints of the activator or revision pods. See: https://knative.page.link/naxz for details.' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - objectRef - - protocolType - properties: - mode: - description: Mode describes the mode of operation of the ServerlessService. - type: string - numActivators: - description: NumActivators contains number of Activators that this revision should be assigned. O means — assign all. - type: integer - format: int32 - objectRef: - description: ObjectRef defines the resource that this ServerlessService is responsible for making "serverless". - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - x-kubernetes-map-type: atomic - protocolType: - description: The application-layer protocol. Matches `RevisionProtocolType` set on the owning pa/revision. serving imports networking, so just use string. - type: string - status: - description: 'Status is the current state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateServiceName: - description: PrivateServiceName holds the name of a core K8s Service resource that load balances over the user service pods backing this Revision. - type: string - serviceName: - description: ServiceName holds the name of a core K8s Service resource that load balances over the pods backing this Revision (activator or revision). - type: string - additionalPrinterColumns: - - name: Mode - type: string - jsonPath: ".spec.mode" - - name: Activators - type: integer - jsonPath: ".spec.numActivators" - - name: ServiceName - type: string - jsonPath: ".status.serviceName" - - name: PrivateServiceName - type: string - jsonPath: ".status.privateServiceName" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: ServerlessService - plural: serverlessservices - singular: serverlessservice - categories: - - knative-internal - - networking - shortNames: - - sks - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: services.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Service - plural: services - singular: service - categories: - - all - - knative - - serving - shortNames: - - kservice - - ksvc - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: "Service acts as a top-level container that manages a Route and Configuration which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets), and its usage is optional but recommended. \n The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceSpec represents the configuration for the Service object. A Service's specification is the union of the specifications for a Route and Configuration. The Service restricts what can be expressed in these fields, e.g. the Route must reference the provided Configuration; however, these limitations also enable friendlier defaulting, e.g. Route never needs a Configuration name, and may be defaulted to the appropriate "run latest" spec. - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: ServiceStatus represents the Status stanza of the Service resource. - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: images.caching.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" -spec: - group: caching.internal.knative.dev - names: - kind: Image - plural: images - singular: image - categories: - - knative-internal - - caching - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Image is a Knative abstraction that encapsulates the interface by which Knative components express a desire to have a particular image cached. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Image (from the client). - type: object - required: - - image - properties: - image: - description: Image is the name of the container image url to cache across the cluster. - type: string - imagePullSecrets: - description: ImagePullSecrets contains the names of the Kubernetes Secrets containing login information used by the Pods which will run this container. - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount as which the Pods will run this container. This is potentially used to authenticate the image pull if the service account has attached pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' - type: string - status: - description: Status communicates the observed state of the Image (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Image - type: string - jsonPath: .spec.image - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.4/2-serving-core.yaml b/cmd/operator/kodata/knative-serving/1.8.4/2-serving-core.yaml deleted file mode 100644 index af2b7ad380..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.4/2-serving-core.yaml +++ /dev/null @@ -1,6920 +0,0 @@ -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Namespace -metadata: - name: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "Addressables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - # Named like this to avoid clashing with eventing's existing `addressable-resolver` role - # (which should be identical, but isn't guaranteed to be installed alongside serving). - name: knative-serving-aggregated-addressable-resolver - labels: - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-serving -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/addressable: "true" ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-addressable-resolver - labels: - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-serving - # Labeled to facilitate aggregated cluster roles that act on Addressables. - duck.knative.dev/addressable: "true" -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - serving.knative.dev - resources: - - routes - - routes/status - - services - - services/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-namespaced-admin - labels: - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: ["serving.knative.dev"] - resources: ["*"] - verbs: ["*"] - - apiGroups: ["networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-namespaced-edit - labels: - rbac.authorization.k8s.io/aggregate-to-edit: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: ["serving.knative.dev"] - resources: ["*"] - verbs: ["create", "update", "patch", "delete"] - - apiGroups: ["networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-namespaced-view - labels: - rbac.authorization.k8s.io/aggregate-to-view: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: ["serving.knative.dev", "networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-core - labels: - serving.knative.dev/controller: "true" - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: [""] - resources: ["pods", "namespaces", "secrets", "configmaps", "endpoints", "services", "events", "serviceaccounts"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: [""] - resources: ["endpoints/restricted"] # Permission for RestrictedEndpointsAdmission - verbs: ["create"] - - apiGroups: [""] - resources: ["namespaces/finalizers"] # finalizers are needed for the owner reference of the webhook - verbs: ["update"] - - apiGroups: ["apps"] - resources: ["deployments", "deployments/finalizers"] # finalizers are needed for the owner reference of the webhook - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["admissionregistration.k8s.io"] - resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions", "customresourcedefinitions/status"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["autoscaling"] - resources: ["horizontalpodautoscalers"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["serving.knative.dev", "autoscaling.internal.knative.dev", "networking.internal.knative.dev"] - resources: ["*", "*/status", "*/finalizers"] - verbs: ["get", "list", "create", "update", "delete", "deletecollection", "patch", "watch"] - - apiGroups: ["caching.internal.knative.dev"] - resources: ["images"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-podspecable-binding - labels: - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-serving - # Labeled to facilitate aggregated cluster roles that act on PodSpecables. - duck.knative.dev/podspecable: "true" -# Do not use this role directly. These rules will be added to the "podspecable-binder" role. -rules: - - apiGroups: - - serving.knative.dev - resources: - - configurations - - services - verbs: - - list - - watch - - patch - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: controller - namespace: knative-serving - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-admin - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" -aggregationRule: - clusterRoleSelectors: - - matchLabels: - serving.knative.dev/controller: "true" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-serving-controller-admin - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" -subjects: - - kind: ServiceAccount - name: controller - namespace: knative-serving -roleRef: - kind: ClusterRole - name: knative-serving-admin - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-serving-controller-addressable-resolver - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" -subjects: - - kind: ServiceAccount - name: controller - namespace: knative-serving -roleRef: - kind: ClusterRole - name: knative-serving-aggregated-addressable-resolver - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: images.caching.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" -spec: - group: caching.internal.knative.dev - names: - kind: Image - plural: images - singular: image - categories: - - knative-internal - - caching - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Image is a Knative abstraction that encapsulates the interface by which Knative components express a desire to have a particular image cached. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Image (from the client). - type: object - required: - - image - properties: - image: - description: Image is the name of the container image url to cache across the cluster. - type: string - imagePullSecrets: - description: ImagePullSecrets contains the names of the Kubernetes Secrets containing login information used by the Pods which will run this container. - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount as which the Pods will run this container. This is potentially used to authenticate the image pull if the service account has attached pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' - type: string - status: - description: Status communicates the observed state of the Image (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Image - type: string - jsonPath: .spec.image - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: certificates.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Certificate is responsible for provisioning a SSL certificate for the given hosts. It is a Knative abstraction for various SSL certificate provisioning solutions (such as cert-manager or self-signed SSL certificate). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - dnsNames - - secretName - properties: - dnsNames: - description: DNSNames is a list of DNS names the Certificate could support. The wildcard format of DNSNames (e.g. *.default.example.com) is supported. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret resource to store the SSL certificate in. - type: string - status: - description: 'Status is the current state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - http01Challenges: - description: HTTP01Challenges is a list of HTTP01 challenges that need to be fulfilled in order to get the TLS certificate.. - type: array - items: - description: HTTP01Challenge defines the status of a HTTP01 challenge that a certificate needs to fulfill. - type: object - properties: - serviceName: - description: ServiceName is the name of the service to serve HTTP01 challenge requests. - type: string - serviceNamespace: - description: ServiceNamespace is the namespace of the service to serve HTTP01 challenge requests. - type: string - servicePort: - description: ServicePort is the port of the service to serve HTTP01 challenge requests. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - url: - description: URL is the URL that the HTTP01 challenge is expected to serve on. - type: string - notAfter: - description: The expiration time of the TLS certificate stored in the secret named by this resource in spec.secretName. - type: string - format: date-time - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Certificate - plural: certificates - singular: certificate - categories: - - knative-internal - - networking - shortNames: - - kcert - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: configurations.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Configuration - plural: configurations - singular: configuration - categories: - - all - - knative - - serving - shortNames: - - config - - cfg - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Configuration represents the "floating HEAD" of a linear history of Revisions. Users create new Revisions by updating the Configuration''s spec. The "latest created" revision''s name is available under status, as is the "latest ready" revision''s name. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#configuration' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ConfigurationSpec holds the desired state of the Configuration (from the client). - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: ConfigurationStatus communicates the observed state of the Configuration (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusterdomainclaims.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: ClusterDomainClaim is a cluster-wide reservation for a particular domain name. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ClusterDomainClaim. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - namespace - properties: - namespace: - description: Namespace is the namespace which is allowed to create a DomainMapping using this ClusterDomainClaim's name. - type: string - names: - kind: ClusterDomainClaim - plural: clusterdomainclaims - singular: clusterdomainclaim - categories: - - knative-internal - - networking - shortNames: - - cdc - scope: Cluster - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: domainmappings.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - versions: - - name: v1beta1 - served: true - storage: false - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - "schema": - "openAPIV3Schema": - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: DomainMapping - plural: domainmappings - singular: domainmapping - categories: - - all - - knative - - serving - shortNames: - - dm - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: ingresses.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable URLs, load balance traffic, offer name based virtual hosting, etc. \n This is heavily based on K8s Ingress https://godoc.org/k8s.io/api/networking/v1beta1#Ingress which some highlighted modifications." - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - httpOption: - description: 'HTTPOption is the option of HTTP. It has the following two values: `HTTPOptionEnabled`, `HTTPOptionRedirected`' - type: string - rules: - description: A list of host rules used to configure the Ingress. - type: array - items: - description: IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue. - type: object - properties: - hosts: - description: 'Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the "host" part of the URI as defined in the RFC: 1. IPs are not allowed. Currently a rule value can only apply to the IP in the Spec of the parent . 2. The `:` delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue. If multiple matching Hosts were provided, the first rule will take precedent.' - type: array - items: - type: string - http: - description: HTTP represents a rule to apply against incoming requests. If the rule is satisfied, the request is routed to the specified backend. - type: object - required: - - paths - properties: - paths: - description: "A collection of paths that map requests to backends. \n If they are multiple matching paths, the first match takes precedence." - type: array - items: - description: HTTPIngressPath associates a path regex with a backend. Incoming URLs matching the path are forwarded to the backend. - type: object - required: - - splits - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - headers: - description: Headers defines header matching rules which is a map from a header name to HeaderMatch which specify a matching condition. When a request matched with all the header matching rules, the request is routed by the corresponding ingress rule. If it is empty, the headers are not used for matching - type: object - additionalProperties: - description: HeaderMatch represents a matching value of Headers in HTTPIngressPath. Currently, only the exact matching is supported. - type: object - required: - - exact - properties: - exact: - type: string - path: - description: Path represents a literal prefix to which this rule should apply. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a '/'. If unspecified, the path defaults to a catch all sending traffic to the backend. - type: string - rewriteHost: - description: "RewriteHost rewrites the incoming request's host header. \n This field is currently experimental and not supported by all Ingress implementations." - type: string - splits: - description: Splits defines the referenced service endpoints to which the traffic will be forwarded to. - type: array - items: - description: IngressBackendSplit describes all endpoints for a given service and port. - type: object - required: - - serviceName - - serviceNamespace - - servicePort - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - percent: - description: "Specifies the split percentage, a number between 0 and 100. If only one split is specified, we default to 100. \n NOTE: This differs from K8s Ingress to allow percentage split." - type: integer - serviceName: - description: Specifies the name of the referenced service. - type: string - serviceNamespace: - description: "Specifies the namespace of the referenced service. \n NOTE: This differs from K8s Ingress to allow routing to different namespaces." - type: string - servicePort: - description: Specifies the port of the referenced service. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - visibility: - description: Visibility signifies whether this rule should `ClusterLocal`. If it's not specified then it defaults to `ExternalIP`. - type: string - tls: - description: 'TLS configuration. Currently Ingress only supports a single TLS port: 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.' - type: array - items: - description: IngressTLS describes the transport layer security associated with an Ingress. - type: object - properties: - hosts: - description: Hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret used to terminate SSL traffic. - type: string - secretNamespace: - description: SecretNamespace is the namespace of the secret used to terminate SSL traffic. If not set the namespace should be assumed to be the same as the Ingress. If set the secret should have the same namespace as the Ingress otherwise the behaviour is undefined and not supported. - type: string - status: - description: 'Status is the current state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateLoadBalancer: - description: PrivateLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - publicLoadBalancer: - description: PublicLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: Ingress - plural: ingresses - singular: ingress - categories: - - knative-internal - - networking - shortNames: - - kingress - - king - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: metrics.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: Metric - plural: metrics - singular: metric - categories: - - knative-internal - - autoscaling - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: Metric represents a resource to configure the metric collector with. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Metric (from the client). - type: object - required: - - panicWindow - - scrapeTarget - - stableWindow - properties: - panicWindow: - description: PanicWindow is the aggregation window for metrics where quick reactions are needed. - type: integer - format: int64 - scrapeTarget: - description: ScrapeTarget is the K8s service that publishes the metric endpoint. - type: string - stableWindow: - description: StableWindow is the aggregation window for metrics in a stable state. - type: integer - format: int64 - status: - description: Status communicates the observed state of the Metric (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: podautoscalers.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: PodAutoscaler - plural: podautoscalers - singular: podautoscaler - categories: - - knative-internal - - autoscaling - shortNames: - - kpa - - pa - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: DesiredScale - type: integer - jsonPath: ".status.desiredScale" - - name: ActualScale - type: integer - jsonPath: ".status.actualScale" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'PodAutoscaler is a Knative abstraction that encapsulates the interface by which Knative components instantiate autoscalers. This definition is an abstraction that may be backed by multiple definitions. For more information, see the Knative Pluggability presentation: https://docs.google.com/presentation/d/19vW9HFZ6Puxt31biNZF3uLRejDmu82rxJIk1cWmxF7w/edit' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the PodAutoscaler (from the client). - type: object - required: - - protocolType - - scaleTargetRef - properties: - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means unlimited concurrency. - type: integer - format: int64 - protocolType: - description: The application-layer protocol. Matches `ProtocolType` inferred from the revision spec. - type: string - reachability: - description: Reachability specifies whether or not the `ScaleTargetRef` can be reached (ie. has a route). Defaults to `ReachabilityUnknown` - type: string - scaleTargetRef: - description: ScaleTargetRef defines the /scale-able resource that this PodAutoscaler is responsible for quickly right-sizing. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-map-type: atomic - status: - description: Status communicates the observed state of the PodAutoscaler (from the controller). - type: object - required: - - metricsServiceName - - serviceName - properties: - actualScale: - description: ActualScale shows the actual number of replicas for the revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - desiredScale: - description: DesiredScale shows the current desired number of replicas for the revision. - type: integer - format: int32 - metricsServiceName: - description: MetricsServiceName is the K8s Service name that provides revision metrics. The service is managed by the PA object. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - serviceName: - description: ServiceName is the K8s Service name that serves the revision, scaled by this PA. The service is created and owned by the ServerlessService object owned by this PA. - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: revisions.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - names: - kind: Revision - plural: revisions - singular: revision - categories: - - all - - knative - - serving - shortNames: - - rev - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Config Name - type: string - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configuration']" - - name: K8s Service Name - type: string - jsonPath: ".status.serviceName" - - name: Generation - type: string # int in string form :( - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configurationGeneration']" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - name: Actual Replicas - type: integer - jsonPath: ".status.actualReplicas" - - name: Desired Replicas - type: integer - jsonPath: ".status.desiredReplicas" - schema: - openAPIV3Schema: - description: "Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#revision" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: RevisionStatus communicates the observed state of the Revision (from the controller). - type: object - properties: - actualReplicas: - description: ActualReplicas reflects the amount of ready pods running this revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - containerStatuses: - description: 'ContainerStatuses is a slice of images present in .Spec.Container[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - desiredReplicas: - description: DesiredReplicas reflects the desired amount of pods running this revision. - type: integer - format: int32 - initContainerStatuses: - description: 'InitContainerStatuses is a slice of images present in .Spec.InitContainer[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - logUrl: - description: LogURL specifies the generated logging url for this particular revision based on the revision url template specified in the controller's config. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: routes.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" -spec: - group: serving.knative.dev - names: - kind: Route - plural: routes - singular: route - categories: - - all - - knative - - serving - shortNames: - - rt - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready revision" changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#route' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Route (from the client). - type: object - properties: - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: Status communicates the observed state of the Route (from the controller). - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: serverlessservices.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ServerlessService is a proxy for the K8s service objects containing the endpoints for the revision, whether those are endpoints of the activator or revision pods. See: https://knative.page.link/naxz for details.' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - objectRef - - protocolType - properties: - mode: - description: Mode describes the mode of operation of the ServerlessService. - type: string - numActivators: - description: NumActivators contains number of Activators that this revision should be assigned. O means — assign all. - type: integer - format: int32 - objectRef: - description: ObjectRef defines the resource that this ServerlessService is responsible for making "serverless". - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - x-kubernetes-map-type: atomic - protocolType: - description: The application-layer protocol. Matches `RevisionProtocolType` set on the owning pa/revision. serving imports networking, so just use string. - type: string - status: - description: 'Status is the current state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateServiceName: - description: PrivateServiceName holds the name of a core K8s Service resource that load balances over the user service pods backing this Revision. - type: string - serviceName: - description: ServiceName holds the name of a core K8s Service resource that load balances over the pods backing this Revision (activator or revision). - type: string - additionalPrinterColumns: - - name: Mode - type: string - jsonPath: ".spec.mode" - - name: Activators - type: integer - jsonPath: ".spec.numActivators" - - name: ServiceName - type: string - jsonPath: ".status.serviceName" - - name: PrivateServiceName - type: string - jsonPath: ".status.privateServiceName" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: ServerlessService - plural: serverlessservices - singular: serverlessservice - categories: - - knative-internal - - networking - shortNames: - - sks - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: services.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Service - plural: services - singular: service - categories: - - all - - knative - - serving - shortNames: - - kservice - - ksvc - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: "Service acts as a top-level container that manages a Route and Configuration which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets), and its usage is optional but recommended. \n The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceSpec represents the configuration for the Service object. A Service's specification is the union of the specifications for a Route and Configuration. The Service restricts what can be expressed in these fields, e.g. the Route must reference the provided Configuration; however, these limitations also enable friendlier defaulting, e.g. Route never needs a Configuration name, and may be defaulted to the appropriate "run latest" spec. - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: ServiceStatus represents the Status stanza of the Service resource. - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2022 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - # Do not drop -ctrl-ca suffix as control-protocol requires it. - # https://github.com/knative-sandbox/control-protocol/blob/main/pkg/certificates/reconciler/controller.go - name: serving-certs-ctrl-ca - namespace: knative-serving - labels: - serving-certs-ctrl: "data-plane" - networking.internal.knative.dev/certificate-uid: "serving-certs" - -# The data is populated when internal-encryption is enabled. ---- -apiVersion: v1 -kind: Secret -metadata: - name: knative-serving-certs - namespace: knative-serving - labels: - serving-certs-ctrl: "data-plane" - networking.internal.knative.dev/certificate-uid: "serving-certs" -# The data is populated when internal-encryption is enabled. - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: caching.internal.knative.dev/v1alpha1 -kind: Image -metadata: - name: queue-proxy - namespace: knative-serving - labels: - app.kubernetes.io/component: queue-proxy - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" -spec: - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/queue@sha256:bd8fb142238606fca6460d9ca56ac4b0591ec260625f78d7449a19fae03cd9c6 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-autoscaler - namespace: knative-serving - labels: - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - annotations: - knative.dev/example-checksum: "47c2487f" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # The Revision ContainerConcurrency field specifies the maximum number - # of requests the Container can handle at once. Container concurrency - # target percentage is how much of that maximum to use in a stable - # state. E.g. if a Revision specifies ContainerConcurrency of 10, then - # the Autoscaler will try to maintain 7 concurrent connections per pod - # on average. - # Note: this limit will be applied to container concurrency set at every - # level (ConfigMap, Revision Spec or Annotation). - # For legacy and backwards compatibility reasons, this value also accepts - # fractional values in (0, 1] interval (i.e. 0.7 ⇒ 70%). - # Thus minimal percentage value must be greater than 1.0, or it will be - # treated as a fraction. - # NOTE: that this value does not affect actual number of concurrent requests - # the user container may receive, but only the average number of requests - # that the revision pods will receive. - container-concurrency-target-percentage: "70" - - # The container concurrency target default is what the Autoscaler will - # try to maintain when concurrency is used as the scaling metric for the - # Revision and the Revision specifies unlimited concurrency. - # When revision explicitly specifies container concurrency, that value - # will be used as a scaling target for autoscaler. - # When specifying unlimited concurrency, the autoscaler will - # horizontally scale the application based on this target concurrency. - # This is what we call "soft limit" in the documentation, i.e. it only - # affects number of pods and does not affect the number of requests - # individual pod processes. - # The value must be a positive number such that the value multiplied - # by container-concurrency-target-percentage is greater than 0.01. - # NOTE: that this value will be adjusted by application of - # container-concurrency-target-percentage, i.e. by default - # the system will target on average 70 concurrent requests - # per revision pod. - # NOTE: Only one metric can be used for autoscaling a Revision. - container-concurrency-target-default: "100" - - # The requests per second (RPS) target default is what the Autoscaler will - # try to maintain when RPS is used as the scaling metric for a Revision and - # the Revision specifies unlimited RPS. Even when specifying unlimited RPS, - # the autoscaler will horizontally scale the application based on this - # target RPS. - # Must be greater than 1.0. - # NOTE: Only one metric can be used for autoscaling a Revision. - requests-per-second-target-default: "200" - - # The target burst capacity specifies the size of burst in concurrent - # requests that the system operator expects the system will receive. - # Autoscaler will try to protect the system from queueing by introducing - # Activator in the request path if the current spare capacity of the - # service is less than this setting. - # If this setting is 0, then Activator will be in the request path only - # when the revision is scaled to 0. - # If this setting is > 0 and container-concurrency-target-percentage is - # 100% or 1.0, then activator will always be in the request path. - # -1 denotes unlimited target-burst-capacity and activator will always - # be in the request path. - # Other negative values are invalid. - target-burst-capacity: "211" - - # When operating in a stable mode, the autoscaler operates on the - # average concurrency over the stable window. - # Stable window must be in whole seconds. - stable-window: "60s" - - # When observed average concurrency during the panic window reaches - # panic-threshold-percentage the target concurrency, the autoscaler - # enters panic mode. When operating in panic mode, the autoscaler - # scales on the average concurrency over the panic window which is - # panic-window-percentage of the stable-window. - # Must be in the [1, 100] range. - # When computing the panic window it will be rounded to the closest - # whole second, at least 1s. - panic-window-percentage: "10.0" - - # The percentage of the container concurrency target at which to - # enter panic mode when reached within the panic window. - panic-threshold-percentage: "200.0" - - # Max scale up rate limits the rate at which the autoscaler will - # increase pod count. It is the maximum ratio of desired pods versus - # observed pods. - # Cannot be less or equal to 1. - # I.e with value of 2.0 the number of pods can at most go N to 2N - # over single Autoscaler period (2s), but at least N to - # N+1, if Autoscaler needs to scale up. - max-scale-up-rate: "1000.0" - - # Max scale down rate limits the rate at which the autoscaler will - # decrease pod count. It is the maximum ratio of observed pods versus - # desired pods. - # Cannot be less or equal to 1. - # I.e. with value of 2.0 the number of pods can at most go N to N/2 - # over single Autoscaler evaluation period (2s), but at - # least N to N-1, if Autoscaler needs to scale down. - max-scale-down-rate: "2.0" - - # Scale to zero feature flag. - enable-scale-to-zero: "true" - - # Scale to zero grace period is the time an inactive revision is left - # running before it is scaled to zero (must be positive, but recommended - # at least a few seconds if running with mesh networking). - # This is the upper limit and is provided not to enforce timeout after - # the revision stopped receiving requests for stable window, but to - # ensure network reprogramming to put activator in the path has completed. - # If the system determines that a shorter period is satisfactory, - # then the system will only wait that amount of time before scaling to 0. - # NOTE: this period might actually be 0, if activator has been - # in the request path sufficiently long. - # If there is necessity for the last pod to linger longer use - # scale-to-zero-pod-retention-period flag. - scale-to-zero-grace-period: "30s" - - # Scale to zero pod retention period defines the minimum amount - # of time the last pod will remain after Autoscaler has decided to - # scale to zero. - # This flag is for the situations where the pod startup is very expensive - # and the traffic is bursty (requiring smaller windows for fast action), - # but patchy. - # The larger of this flag and `scale-to-zero-grace-period` will effectively - # determine how the last pod will hang around. - scale-to-zero-pod-retention-period: "0s" - - # pod-autoscaler-class specifies the default pod autoscaler class - # that should be used if none is specified. If omitted, - # the Knative Pod Autoscaler (KPA) is used by default. - pod-autoscaler-class: "kpa.autoscaling.knative.dev" - - # The capacity of a single activator task. - # The `unit` is one concurrent request proxied by the activator. - # activator-capacity must be at least 1. - # This value is used for computation of the Activator subset size. - # See the algorithm here: http://bit.ly/38XiCZ3. - # TODO(vagababov): tune after actual benchmarking. - activator-capacity: "100.0" - - # initial-scale is the cluster-wide default value for the initial target - # scale of a revision after creation, unless overridden by the - # "autoscaling.knative.dev/initialScale" annotation. - # This value must be greater than 0 unless allow-zero-initial-scale is true. - initial-scale: "1" - - # allow-zero-initial-scale controls whether either the cluster-wide initial-scale flag, - # or the "autoscaling.knative.dev/initialScale" annotation, can be set to 0. - allow-zero-initial-scale: "false" - - # min-scale is the cluster-wide default value for the min scale of a revision, - # unless overridden by the "autoscaling.knative.dev/minScale" annotation. - min-scale: "0" - - # max-scale is the cluster-wide default value for the max scale of a revision, - # unless overridden by the "autoscaling.knative.dev/maxScale" annotation. - # If set to 0, the revision has no maximum scale. - max-scale: "0" - - # scale-down-delay is the amount of time that must pass at reduced - # concurrency before a scale down decision is applied. This can be useful, - # for example, to maintain replica count and avoid a cold start penalty if - # more requests come in within the scale down delay period. - # The default, 0s, imposes no delay at all. - scale-down-delay: "0s" - - # max-scale-limit sets the maximum permitted value for the max scale of a revision. - # When this is set to a positive value, a revision with a maxScale above that value - # (including a maxScale of "0" = unlimited) is disallowed. - # A value of zero (the default) allows any limit, including unlimited. - max-scale-limit: "0" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-defaults - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.4" - annotations: - knative.dev/example-checksum: "e7973912" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # revision-timeout-seconds contains the default number of - # seconds to use for the revision's per-request timeout, if - # none is specified. - revision-timeout-seconds: "300" # 5 minutes - - # max-revision-timeout-seconds contains the maximum number of - # seconds that can be used for revision-timeout-seconds. - # This value must be greater than or equal to revision-timeout-seconds. - # If omitted, the system default is used (600 seconds). - # - # If this value is increased, the activator's terminationGraceTimeSeconds - # should also be increased to prevent in-flight requests being disrupted. - max-revision-timeout-seconds: "600" # 10 minutes - - # revision-response-start-timeout-seconds contains the default number of - # seconds a request will be allowed to stay open while waiting to - # receive any bytes from the user's application, if none is specified. - # - # This defaults to 'revision-timeout-seconds' - revision-response-start-timeout-seconds: "300" - - # revision-idle-timeout-seconds contains the default number of - # seconds a request will be allowed to stay open while not receiving any - # bytes from the user's application, if none is specified. - revision-idle-timeout-seconds: "0" # infinite - - # revision-cpu-request contains the cpu allocation to assign - # to revisions by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-cpu-request. - # By default, it is not set by Knative. - revision-cpu-request: "400m" # 0.4 of a CPU (aka 400 milli-CPU) - - # revision-memory-request contains the memory allocation to assign - # to revisions by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-memory-request. - # By default, it is not set by Knative. - revision-memory-request: "100M" # 100 megabytes of memory - - # revision-ephemeral-storage-request contains the ephemeral storage - # allocation to assign to revisions by default. If omitted, no value is - # specified and the system default is used. - revision-ephemeral-storage-request: "500M" # 500 megabytes of storage - - # revision-cpu-limit contains the cpu allocation to limit - # revisions to by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-cpu-limit. - # By default, it is not set by Knative. - revision-cpu-limit: "1000m" # 1 CPU (aka 1000 milli-CPU) - - # revision-memory-limit contains the memory allocation to limit - # revisions to by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-memory-limit. - # By default, it is not set by Knative. - revision-memory-limit: "200M" # 200 megabytes of memory - - # revision-ephemeral-storage-limit contains the ephemeral storage - # allocation to limit revisions to by default. If omitted, no value is - # specified and the system default is used. - revision-ephemeral-storage-limit: "750M" # 750 megabytes of storage - - # container-name-template contains a template for the default - # container name, if none is specified. This field supports - # Go templating and is supplied with the ObjectMeta of the - # enclosing Service or Configuration, so values such as - # {{.Name}} are also valid. - container-name-template: "user-container" - - # init-container-name-template contains a template for the default - # init container name, if none is specified. This field supports - # Go templating and is supplied with the ObjectMeta of the - # enclosing Service or Configuration, so values such as - # {{.Name}} are also valid. - init-container-name-template: "init-container" - - # container-concurrency specifies the maximum number - # of requests the Container can handle at once, and requests - # above this threshold are queued. Setting a value of zero - # disables this throttling and lets through as many requests as - # the pod receives. - container-concurrency: "0" - - # The container concurrency max limit is an operator setting ensuring that - # the individual revisions cannot have arbitrary large concurrency - # values, or autoscaling targets. `container-concurrency` default setting - # must be at or below this value. - # - # Must be greater than 1. - # - # Note: even with this set, a user can choose a containerConcurrency - # of 0 (i.e. unbounded) unless allow-container-concurrency-zero is - # set to "false". - container-concurrency-max-limit: "1000" - - # allow-container-concurrency-zero controls whether users can - # specify 0 (i.e. unbounded) for containerConcurrency. - allow-container-concurrency-zero: "true" - - # enable-service-links specifies the default value used for the - # enableServiceLinks field of the PodSpec, when it is omitted by the user. - # See: https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#accessing-the-service - # - # This is a tri-state flag with possible values of (true|false|default). - # - # In environments with large number of services it is suggested - # to set this value to `false`. - # See https://github.com/knative/serving/issues/8498. - enable-service-links: "false" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-deployment - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.4" - annotations: - knative.dev/example-checksum: "dd7ee769" -data: - # This is the Go import path for the binary that is containerized - # and substituted here. - queue-sidecar-image: gcr.io/knative-releases/knative.dev/serving/cmd/queue@sha256:bd8fb142238606fca6460d9ca56ac4b0591ec260625f78d7449a19fae03cd9c6 - _example: |- - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # List of repositories for which tag to digest resolving should be skipped - registries-skipping-tag-resolving: "kind.local,ko.local,dev.local" - - # Maximum time allowed for an image's digests to be resolved. - digest-resolution-timeout: "10s" - - # Duration we wait for the deployment to be ready before considering it failed. - progress-deadline: "600s" - - # Sets the queue proxy's CPU request. - # If omitted, a default value (currently "25m"), is used. - queue-sidecar-cpu-request: "25m" - - # Sets the queue proxy's CPU limit. - # If omitted, no value is specified and the system default is used. - queue-sidecar-cpu-limit: "1000m" - - # Sets the queue proxy's memory request. - # If omitted, no value is specified and the system default is used. - queue-sidecar-memory-request: "400Mi" - - # Sets the queue proxy's memory limit. - # If omitted, no value is specified and the system default is used. - queue-sidecar-memory-limit: "800Mi" - - # Sets the queue proxy's ephemeral storage request. - # If omitted, no value is specified and the system default is used. - queue-sidecar-ephemeral-storage-request: "512Mi" - - # Sets the queue proxy's ephemeral storage limit. - # If omitted, no value is specified and the system default is used. - queue-sidecar-ephemeral-storage-limit: "1024Mi" - - # The freezer service endpoint that queue-proxy calls when its traffic drops to zero or - # scales up from zero. - # - # Freezer service is available at: https://github.com/knative-sandbox/container-freezer - # or users may write their own service. - # - # The value will need to include both the host and the port that will be accessed. - # For the host, $HOST_IP can be passed, and the appropriate host IP value will be swapped - # in at runtime, which will enable the freezer daemonset to be reachable via the node IP. - # - # As an example: - # concurrency-state-endpoint: "http://$HOST_IP:9696" - # - # If not set, queue proxy takes no action (this is the default behavior). - # - # When enabled, a serviceAccountToken will be mounted to queue-proxy using - # a projected volume. This requires the Service Account Token Volume Projection feature - # to be enabled. For details, see this link: - # https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection - # - # NOTE THAT THIS IS AN EXPERIMENTAL / ALPHA FEATURE - concurrency-state-endpoint: "" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-domain - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.4" - annotations: - knative.dev/example-checksum: "26c09de5" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Default value for domain. - # Routes having the cluster domain suffix (by default 'svc.cluster.local') - # will not be exposed through Ingress. You can define your own label - # selector to assign that domain suffix to your Route here, or you can set - # the label - # "networking.knative.dev/visibility=cluster-local" - # to achieve the same effect. This shows how to make routes having - # the label app=secret only exposed to the local cluster. - svc.cluster.local: | - selector: - app: secret - - # These are example settings of domain. - # example.com will be used for all routes, but it is the least-specific rule so it - # will only be used if no other domain matches. - example.com: | - - # example.org will be used for routes having app=nonprofit. - example.org: | - selector: - app: nonprofit - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-features - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.4" - annotations: - knative.dev/example-checksum: "691a192e" -data: - _example: |- - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Indicates whether multi container support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#multi-containers - multi-container: "enabled" - - # Indicates whether Kubernetes affinity support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-node-affinity - kubernetes.podspec-affinity: "disabled" - - # Indicates whether Kubernetes topologySpreadConstraints support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-topology-spread-constraints - kubernetes.podspec-topologyspreadconstraints: "disabled" - - # Indicates whether Kubernetes hostAliases support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-host-aliases - kubernetes.podspec-hostaliases: "disabled" - - # Indicates whether Kubernetes nodeSelector support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-node-selector - kubernetes.podspec-nodeselector: "disabled" - - # Indicates whether Kubernetes tolerations support is enabled - # - # WARNING: Cannot safely be disabled once enabled - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-toleration - kubernetes.podspec-tolerations: "disabled" - - # Indicates whether Kubernetes FieldRef support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-fieldref - kubernetes.podspec-fieldref: "disabled" - - # Indicates whether Kubernetes RuntimeClassName support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-runtime-class - kubernetes.podspec-runtimeclassname: "disabled" - - # Indicates whether Kubernetes DNSPolicy support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-dnspolicy - kubernetes.podspec-dnspolicy: "disabled" - - # Indicates whether Kubernetes DNSConfig support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-dnsconfig - kubernetes.podspec-dnsconfig: "disabled" - - # This feature allows end-users to set a subset of fields on the Pod's SecurityContext - # - # When set to "enabled" or "allowed" it allows the following - # PodSecurityContext properties: - # - FSGroup - # - RunAsGroup - # - RunAsNonRoot - # - SupplementalGroups - # - RunAsUser - # - SeccompProfile - # - # This feature flag should be used with caution as the PodSecurityContext - # properties may have a side-effect on non-user sidecar containers that come - # from Knative or your service mesh - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-security-context - kubernetes.podspec-securitycontext: "disabled" - - # Indicates whether Kubernetes PriorityClassName support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-priority-class-name - kubernetes.podspec-priorityclassname: "disabled" - - # Indicates whether Kubernetes SchedulerName support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-scheduler-name - kubernetes.podspec-schedulername: "disabled" - - # This feature flag allows end-users to add a subset of capabilities on the Pod's SecurityContext. - # - # When set to "enabled" or "allowed" it allows capabilities to be added to the container. - # For a list of possible capabilities, see https://man7.org/linux/man-pages/man7/capabilities.7.html - kubernetes.containerspec-addcapabilities: "disabled" - - # This feature validates PodSpecs from the validating webhook - # against the K8s API Server. - # - # When "enabled", the server will always run the extra validation. - # When "allowed", the server will not run the dry-run validation by default. - # However, clients may enable the behavior on an individual Service by - # attaching the following metadata annotation: "features.knative.dev/podspec-dryrun":"enabled". - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-dry-run - kubernetes.podspec-dryrun: "allowed" - - # Controls whether tag header based routing feature are enabled or not. - # 1. Enabled: enabling tag header based routing - # 2. Disabled: disabling tag header based routing - # See: https://knative.dev/docs/serving/feature-flags/#tag-header-based-routing - tag-header-based-routing: "disabled" - - # Controls whether http2 auto-detection should be enabled or not. - # 1. Enabled: http2 connection will be attempted via upgrade. - # 2. Disabled: http2 connection will only be attempted when port name is set to "h2c". - autodetect-http2: "disabled" - - # Controls whether volume support for EmptyDir is enabled or not. - # 1. Enabled: enabling EmptyDir volume support - # 2. Disabled: disabling EmptyDir volume support - kubernetes.podspec-volumes-emptydir: "enabled" - - # Controls whether init containers support is enabled or not. - # 1. Enabled: enabling init containers support - # 2. Disabled: disabling init containers support - kubernetes.podspec-init-containers: "disabled" - - # Controls whether persistent volume claim support is enabled or not. - # 1. Enabled: enabling persistent volume claim support - # 2. Disabled: disabling persistent volume claim support - kubernetes.podspec-persistent-volume-claim: "disabled" - - # Controls whether write access for persistent volumes is enabled or not. - # 1. Enabled: enabling write access for persistent volumes - # 2. Disabled: disabling write access for persistent volumes - kubernetes.podspec-persistent-volume-write: "disabled" - - # Controls if the queue proxy podInfo feature is enabled, allowed or disabled - # - # This feature should be enabled/allowed when using queue proxy Options (Extensions) - # Enabling will mount a podInfo volume to the queue proxy container. - # The volume will contains an 'annotations' file (from the pod's annotation field). - # The annotations in this file include the Service annotations set by the client creating the service. - # If mounted, the annotations can be accessed by queue proxy extensions at /etc/podinfo/annnotations - # - # 1. "enabled": always mount a podInfo volume - # 2. "disabled": never mount a podInfo volume - # 3. "allowed": by default, do not mount a podInfo volume - # However, a client may mount the podInfo volume on an individual Service by attaching - # the following metadata annotation to the Service: "features.knative.dev/queueproxy-podinfo":"enabled". - # - # NOTE THAT THIS IS AN EXPERIMENTAL / ALPHA FEATURE - queueproxy.mount-podinfo: "disabled" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-gc - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.4" - annotations: - knative.dev/example-checksum: "aa3813a8" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # --------------------------------------- - # Garbage Collector Settings - # --------------------------------------- - # - # Active - # * Revisions which are referenced by a Route are considered active. - # * Individual revisions may be marked with the annotation - # "serving.knative.dev/no-gc":"true" to be permanently considered active. - # * Active revisions are not considered for GC. - # Retention - # * Revisions are retained if they are any of the following: - # 1. Active - # 2. Were created within "retain-since-create-time" - # 3. Were last referenced by a route within - # "retain-since-last-active-time" - # 4. There are fewer than "min-non-active-revisions" - # If none of these conditions are met, or if the count of revisions exceed - # "max-non-active-revisions", they will be deleted by GC. - # The special value "disabled" may be used to turn off these limits. - # - # Example config to immediately collect any inactive revision: - # min-non-active-revisions: "0" - # max-non-active-revisions: "0" - # retain-since-create-time: "disabled" - # retain-since-last-active-time: "disabled" - # - # Example config to always keep around the last ten non-active revisions: - # retain-since-create-time: "disabled" - # retain-since-last-active-time: "disabled" - # max-non-active-revisions: "10" - # - # Example config to disable all garbage collection: - # retain-since-create-time: "disabled" - # retain-since-last-active-time: "disabled" - # max-non-active-revisions: "disabled" - # - # Example config to keep recently deployed or active revisions, - # always maintain the last two in case of rollback, and prevent - # burst activity from exploding the count of old revisions: - # retain-since-create-time: "48h" - # retain-since-last-active-time: "15h" - # min-non-active-revisions: "2" - # max-non-active-revisions: "1000" - - # Duration since creation before considering a revision for GC or "disabled". - retain-since-create-time: "48h" - - # Duration since active before considering a revision for GC or "disabled". - retain-since-last-active-time: "15h" - - # Minimum number of non-active revisions to retain. - min-non-active-revisions: "20" - - # Maximum number of non-active revisions to retain - # or "disabled" to disable any maximum limit. - max-non-active-revisions: "1000" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-leader-election - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.4" - annotations: - knative.dev/example-checksum: "f4b71f57" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # lease-duration is how long non-leaders will wait to try to acquire the - # lock; 15 seconds is the value used by core kubernetes controllers. - lease-duration: "60s" - - # renew-deadline is how long a leader will try to renew the lease before - # giving up; 10 seconds is the value used by core kubernetes controllers. - renew-deadline: "40s" - - # retry-period is how long the leader election client waits between tries of - # actions; 2 seconds is the value used by core kubernetes controllers. - retry-period: "10s" - - # buckets is the number of buckets used to partition key space of each - # Reconciler. If this number is M and the replica number of the controller - # is N, the N replicas will compete for the M buckets. The owner of a - # bucket will take care of the reconciling for the keys partitioned into - # that bucket. - buckets: "1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-logging - namespace: knative-serving - labels: - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/component: logging - app.kubernetes.io/name: knative-serving - annotations: - knative.dev/example-checksum: "b0f3c6f2" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Common configuration for all Knative codebase - zap-logger-config: | - { - "level": "info", - "development": false, - "outputPaths": ["stdout"], - "errorOutputPaths": ["stderr"], - "encoding": "json", - "encoderConfig": { - "timeKey": "timestamp", - "levelKey": "severity", - "nameKey": "logger", - "callerKey": "caller", - "messageKey": "message", - "stacktraceKey": "stacktrace", - "lineEnding": "", - "levelEncoder": "", - "timeEncoder": "iso8601", - "durationEncoder": "", - "callerEncoder": "" - } - } - - # Log level overrides - # For all components except the queue proxy, - # changes are picked up immediately. - # For queue proxy, changes require recreation of the pods. - loglevel.controller: "info" - loglevel.autoscaler: "info" - loglevel.queueproxy: "info" - loglevel.webhook: "info" - loglevel.activator: "info" - loglevel.hpaautoscaler: "info" - loglevel.net-certmanager-controller: "info" - loglevel.net-istio-controller: "info" - loglevel.net-contour-controller: "info" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-network - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.4" - annotations: - knative.dev/example-checksum: "73d96d1b" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # ingress-class specifies the default ingress class - # to use when not dictated by Route annotation. - # - # If not specified, will use the Istio ingress. - # - # Note that changing the Ingress class of an existing Route - # will result in undefined behavior. Therefore it is best to only - # update this value during the setup of Knative, to avoid getting - # undefined behavior. - ingress-class: "istio.ingress.networking.knative.dev" - - # certificate-class specifies the default Certificate class - # to use when not dictated by Route annotation. - # - # If not specified, will use the Cert-Manager Certificate. - # - # Note that changing the Certificate class of an existing Route - # will result in undefined behavior. Therefore it is best to only - # update this value during the setup of Knative, to avoid getting - # undefined behavior. - certificate-class: "cert-manager.certificate.networking.knative.dev" - - # namespace-wildcard-cert-selector specifies a LabelSelector which - # determines which namespaces should have a wildcard certificate - # provisioned. - # - # Use an empty value to disable the feature (this is the default): - # namespace-wildcard-cert-selector: "" - # - # Use an empty object to enable for all namespaces - # namespace-wildcard-cert-selector: {} - # - # Useful labels include the "kubernetes.io/metadata.name" label to - # avoid provisioning a certifcate for the "kube-system" namespaces. - # Use the following selector to match pre-1.0 behavior of using - # "networking.knative.dev/disableWildcardCert" to exclude namespaces: - # - # matchExpressions: - # - key: "networking.knative.dev/disableWildcardCert" - # operator: "NotIn" - # values: ["true"] - namespace-wildcard-cert-selector: "" - - # domain-template specifies the golang text template string to use - # when constructing the Knative service's DNS name. The default - # value is "{{.Name}}.{{.Namespace}}.{{.Domain}}". - # - # Valid variables defined in the template include Name, Namespace, Domain, - # Labels, and Annotations. Name will be the result of the tagTemplate - # below, if a tag is specified for the route. - # - # Changing this value might be necessary when the extra levels in - # the domain name generated is problematic for wildcard certificates - # that only support a single level of domain name added to the - # certificate's domain. In those cases you might consider using a value - # of "{{.Name}}-{{.Namespace}}.{{.Domain}}", or removing the Namespace - # entirely from the template. When choosing a new value be thoughtful - # of the potential for conflicts - for example, when users choose to use - # characters such as `-` in their service, or namespace, names. - # {{.Annotations}} or {{.Labels}} can be used for any customization in the - # go template if needed. - # We strongly recommend keeping namespace part of the template to avoid - # domain name clashes: - # eg. '{{.Name}}-{{.Namespace}}.{{ index .Annotations "sub"}}.{{.Domain}}' - # and you have an annotation {"sub":"foo"}, then the generated template - # would be {Name}-{Namespace}.foo.{Domain} - domain-template: "{{.Name}}.{{.Namespace}}.{{.Domain}}" - - # tagTemplate specifies the golang text template string to use - # when constructing the DNS name for "tags" within the traffic blocks - # of Routes and Configuration. This is used in conjunction with the - # domainTemplate above to determine the full URL for the tag. - tag-template: "{{.Tag}}-{{.Name}}" - - # Controls whether TLS certificates are automatically provisioned and - # installed in the Knative ingress to terminate external TLS connection. - # 1. Enabled: enabling auto-TLS feature. - # 2. Disabled: disabling auto-TLS feature. - auto-tls: "Disabled" - - # Controls the behavior of the HTTP endpoint for the Knative ingress. - # It requires autoTLS to be enabled. - # 1. Enabled: The Knative ingress will be able to serve HTTP connection. - # 2. Redirected: The Knative ingress will send a 301 redirect for all - # http connections, asking the clients to use HTTPS. - # - # "Disabled" option is deprecated. - http-protocol: "Enabled" - - # rollout-duration contains the minimal duration in seconds over which the - # Configuration traffic targets are rolled out to the newest revision. - rollout-duration: "0" - - # autocreate-cluster-domain-claims controls whether ClusterDomainClaims should - # be automatically created (and deleted) as needed when DomainMappings are - # reconciled. - # - # If this is "false" (the default), the cluster administrator is - # responsible for creating ClusterDomainClaims and delegating them to - # namespaces via their spec.Namespace field. This setting should be used in - # multitenant environments which need to control which namespace can use a - # particular domain name in a domain mapping. - # - # If this is "true", users are able to associate arbitrary names with their - # services via the DomainMapping feature. - autocreate-cluster-domain-claims: "false" - - # If true, networking plugins can add additional information to deployed - # applications to make their pods directly accessible via their IPs even if mesh is - # enabled and thus direct-addressability is usually not possible. - # Consumers like Knative Serving can use this setting to adjust their behavior - # accordingly, i.e. to drop fallback solutions for non-pod-addressable systems. - # - # NOTE: This flag is in an alpha state and is mostly here to enable internal testing - # for now. Use with caution. - enable-mesh-pod-addressability: "false" - - # mesh-compatibility-mode indicates whether consumers of network plugins - # should directly contact Pod IPs (most efficient), or should use the - # Cluster IP (less efficient, needed when mesh is enabled unless - # `enable-mesh-pod-addressability`, above, is set). - # Permitted values are: - # - "auto" (default): automatically determine which mesh mode to use by trying Pod IP and falling back to Cluster IP as needed. - # - "enabled": always use Cluster IP and do not attempt to use Pod IPs. - # - "disabled": always use Pod IPs and do not fall back to Cluster IP on failure. - mesh-compatibility-mode: "auto" - - # Defines the scheme used for external URLs if autoTLS is not enabled. - # This can be used for making Knative report all URLs as "HTTPS" for example, if you're - # fronting Knative with an external loadbalancer that deals with TLS termination and - # Knative doesn't know about that otherwise. - default-external-scheme: "http" - - # internal-encryption indicates whether internal traffic is encrypted or not. - # If this is "true", the following traffic are encrypted: - # - ingress to activator - # - ingress to queue-proxy - # - activator to queue-proxy - # - # NOTE: This flag is in an alpha state and is mostly here to enable internal testing - # for now. Use with caution. - internal-encryption: "false" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: observability - app.kubernetes.io/version: "1.8.4" - annotations: - knative.dev/example-checksum: "fed4756e" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # logging.enable-var-log-collection defaults to false. - # The fluentd daemon set will be set up to collect /var/log if - # this flag is true. - logging.enable-var-log-collection: "false" - - # logging.revision-url-template provides a template to use for producing the - # logging URL that is injected into the status of each Revision. - logging.revision-url-template: "http://logging.example.com/?revisionUID=${REVISION_UID}" - - # If non-empty, this enables queue proxy writing user request logs to stdout, excluding probe - # requests. - # NB: after 0.18 release logging.enable-request-log must be explicitly set to true - # in order for request logging to be enabled. - # - # The value determines the shape of the request logs and it must be a valid go text/template. - # It is important to keep this as a single line. Multiple lines are parsed as separate entities - # by most collection agents and will split the request logs into multiple records. - # - # The following fields and functions are available to the template: - # - # Request: An http.Request (see https://golang.org/pkg/net/http/#Request) - # representing an HTTP request received by the server. - # - # Response: - # struct { - # Code int // HTTP status code (see https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml) - # Size int // An int representing the size of the response. - # Latency float64 // A float64 representing the latency of the response in seconds. - # } - # - # Revision: - # struct { - # Name string // Knative revision name - # Namespace string // Knative revision namespace - # Service string // Knative service name - # Configuration string // Knative configuration name - # PodName string // Name of the pod hosting the revision - # PodIP string // IP of the pod hosting the revision - # } - # - logging.request-log-template: '{"httpRequest": {"requestMethod": "{{.Request.Method}}", "requestUrl": "{{js .Request.RequestURI}}", "requestSize": "{{.Request.ContentLength}}", "status": {{.Response.Code}}, "responseSize": "{{.Response.Size}}", "userAgent": "{{js .Request.UserAgent}}", "remoteIp": "{{js .Request.RemoteAddr}}", "serverIp": "{{.Revision.PodIP}}", "referer": "{{js .Request.Referer}}", "latency": "{{.Response.Latency}}s", "protocol": "{{.Request.Proto}}"}, "traceId": "{{index .Request.Header "X-B3-Traceid"}}"}' - - # If true, the request logging will be enabled. - # NB: up to and including Knative version 0.18 if logging.request-log-template is non-empty, this value - # will be ignored. - logging.enable-request-log: "false" - - # If true, this enables queue proxy writing request logs for probe requests to stdout. - # It uses the same template for user requests, i.e. logging.request-log-template. - logging.enable-probe-request-log: "false" - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or opencensus. - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. It enables queue proxy to send request metrics. - # Currently supported values: prometheus (the default), opencensus. - metrics.request-metrics-backend-destination: prometheus - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Serving pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: tracing - app.kubernetes.io/version: "1.8.4" - annotations: - knative.dev/example-checksum: "26614636" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none" (default) - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: activator - namespace: knative-serving - labels: - app.kubernetes.io/component: activator - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" -spec: - minReplicas: 1 - maxReplicas: 20 - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: activator - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - # Percentage of the requested CPU - averageUtilization: 100 ---- -# Activator PDB. Currently we permit unavailability of 20% of tasks at the same time. -# Given the subsetting and that the activators are partially stateful systems, we want -# a slow rollout of the new versions and slow migration during node upgrades. -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: activator-pdb - namespace: knative-serving - labels: - app.kubernetes.io/component: activator - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" -spec: - minAvailable: 80% - selector: - matchLabels: - app: activator - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: activator - namespace: knative-serving - labels: - app.kubernetes.io/component: activator - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-serving -spec: - selector: - matchLabels: - app: activator - role: activator - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: activator - role: activator - app.kubernetes.io/component: activator - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - spec: - serviceAccountName: controller - containers: - - name: activator - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/activator@sha256:72ff71ca4a6e51a967ff4c513d68e68669dfbbbe302314b7fa0ab77414f1277c - # The numbers are based on performance test results from - # https://github.com/knative/serving/issues/1625#issuecomment-511930023 - resources: - requests: - cpu: 300m - memory: 60Mi - limits: - cpu: 1000m - memory: 600Mi - env: - # Run Activator with GC collection when newly generated memory is 500%. - - name: GOGC - value: "500" - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/internal/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: http1 - containerPort: 8012 - - name: h2c - containerPort: 8013 - readinessProbe: - httpGet: - port: 8012 - httpHeaders: - - name: k-kubelet-probe - value: "activator" - periodSeconds: 5 - failureThreshold: 5 - livenessProbe: - httpGet: - port: 8012 - httpHeaders: - - name: k-kubelet-probe - value: "activator" - periodSeconds: 10 - failureThreshold: 12 - initialDelaySeconds: 15 - # The activator (often) sits on the dataplane, and may proxy long (e.g. - # streaming, websockets) requests. We give a long grace period for the - # activator to "lame duck" and drain outstanding requests before we - # forcibly terminate the pod (and outstanding connections). This value - # should be at least as large as the upper bound on the Revision's - # timeoutSeconds property to avoid servicing events disrupting - # connections. - terminationGracePeriodSeconds: 600 ---- -apiVersion: v1 -kind: Service -metadata: - name: activator-service - namespace: knative-serving - labels: - app: activator - app.kubernetes.io/component: activator - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-serving -spec: - selector: - app: activator - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: http - port: 80 - targetPort: 8012 - - name: http2 - port: 81 - targetPort: 8013 - - name: https - port: 443 - targetPort: 8112 - type: ClusterIP - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: autoscaler - namespace: knative-serving - labels: - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" -spec: - replicas: 1 - selector: - matchLabels: - app: autoscaler - strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 0 - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: autoscaler - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: autoscaler - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: autoscaler - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/autoscaler@sha256:3a01ca892242e748c1cf19b0456a3bb2dbeaaba9532647cae2fbea336ff87239 - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 1000m - memory: 1000Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: websocket - containerPort: 8080 - readinessProbe: - httpGet: - port: 8080 - httpHeaders: - - name: k-kubelet-probe - value: "autoscaler" - livenessProbe: - httpGet: - port: 8080 - httpHeaders: - - name: k-kubelet-probe - value: "autoscaler" - failureThreshold: 6 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: autoscaler - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - name: autoscaler - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: http - port: 8080 - targetPort: 8080 - selector: - app: autoscaler - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: controller - namespace: knative-serving - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" -spec: - selector: - matchLabels: - app: controller - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - labels: - app: controller - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: controller - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/controller@sha256:8d222471521e4b83c3a9211e4ea2e4b455ae1a0ff6175feb28422c11ac10587a - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 1000m - memory: 1000Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/internal/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: controller - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - name: controller - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - selector: - app: controller - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: domain-mapping - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" -spec: - selector: - matchLabels: - app: domain-mapping - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - labels: - app: domain-mapping - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: domain-mapping - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: domain-mapping - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/domain-mapping@sha256:9f41b47ae41a4196a8a22ba871b0ee5f458734485ecdbc528161b29224fcec68 - resources: - requests: - cpu: 30m - memory: 40Mi - limits: - cpu: 300m - memory: 400Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: domainmapping-webhook - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" -spec: - selector: - matchLabels: - app: domainmapping-webhook - role: domainmapping-webhook - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: domainmapping-webhook - role: domainmapping-webhook - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: domainmapping-webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: domainmapping-webhook - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/domain-mapping-webhook@sha256:1f59333d19391eb837e2a8076071a10c9d8ef19bf2be84c4c71d00d569ae496a - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 500m - memory: 500Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: WEBHOOK_PORT - value: "8443" - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - failureThreshold: 6 - initialDelaySeconds: 20 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - role: domainmapping-webhook - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - name: domainmapping-webhook - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: domainmapping-webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: webhook - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" -spec: - minReplicas: 1 - maxReplicas: 5 - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: webhook - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - # Percentage of the requested CPU - averageUtilization: 100 ---- -# Webhook PDB. -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: webhook-pdb - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" -spec: - minAvailable: 80% - selector: - matchLabels: - app: webhook - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: webhook - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-serving -spec: - selector: - matchLabels: - app: webhook - role: webhook - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: webhook - role: webhook - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-serving - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: webhook - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/webhook@sha256:8ec89747c5d77ce78b36595c5bd907158717ddb4565a8e8a5abe9525dd73de3e - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 500m - memory: 500Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: WEBHOOK_NAME - value: webhook - - name: WEBHOOK_PORT - value: "8443" - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/internal/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - failureThreshold: 6 - initialDelaySeconds: 20 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - role: webhook - app.kubernetes.io/component: webhook - app.kubernetes.io/version: "1.8.4" - app.kubernetes.io/name: knative-serving - name: webhook - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: config.webhook.serving.knative.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: config.webhook.serving.knative.dev - objectSelector: - matchExpressions: - - key: app.kubernetes.io/name - operator: In - values: ["knative-serving"] - - key: app.kubernetes.io/component - operator: In - values: ["autoscaler", "controller", "logging", "networking", "observability", "tracing"] - timeoutSeconds: 10 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.serving.knative.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: webhook.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - autoscaling.internal.knative.dev - - networking.internal.knative.dev - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - scope: "*" - resources: - - metrics - - podautoscalers - - certificates - - ingresses - - serverlessservices - - configurations - - revisions - - routes - - services - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.domainmapping.serving.knative.dev - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: domainmapping-webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: webhook.domainmapping.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - scope: "*" - resources: - - domainmappings - - domainmappings/status - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: domainmapping-webhook-certs - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" -# The data is populated at install time. - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.domainmapping.serving.knative.dev - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: domainmapping-webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: validation.webhook.domainmapping.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - - DELETE - scope: "*" - resources: - - domainmappings - - domainmappings/status - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.serving.knative.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: validation.webhook.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - autoscaling.internal.knative.dev - - networking.internal.knative.dev - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - - DELETE - scope: "*" - resources: - - metrics - - podautoscalers - - certificates - - ingresses - - serverlessservices - - configurations - - revisions - - routes - - services - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: webhook-certs - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" -# The data is populated at install time. - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.4/3-serving-hpa.yaml b/cmd/operator/kodata/knative-serving/1.8.4/3-serving-hpa.yaml deleted file mode 100644 index ebeb145cf1..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.4/3-serving-hpa.yaml +++ /dev/null @@ -1,112 +0,0 @@ -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: autoscaler-hpa - namespace: knative-serving - labels: - autoscaling.knative.dev/autoscaler-provider: hpa - app.kubernetes.io/component: autoscaler-hpa - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" -spec: - selector: - matchLabels: - app: autoscaler-hpa - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - labels: - app: autoscaler-hpa - app.kubernetes.io/component: autoscaler-hpa - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: autoscaler-hpa - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: autoscaler-hpa - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/autoscaler-hpa@sha256:fc52cd9149bc0b3be9adb47bba70bed5c33ebf76605f8d3b2b683b5737c67ad5 - resources: - requests: - cpu: 30m - memory: 40Mi - limits: - cpu: 300m - memory: 400Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: autoscaler-hpa - autoscaling.knative.dev/autoscaler-provider: hpa - app.kubernetes.io/component: autoscaler-hpa - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.4" - name: autoscaler-hpa - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - selector: - app: autoscaler-hpa - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.4/4-serving-post-install-jobs.yaml b/cmd/operator/kodata/knative-serving/1.8.4/4-serving-post-install-jobs.yaml deleted file mode 100644 index 5d8c6c557c..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.4/4-serving-post-install-jobs.yaml +++ /dev/null @@ -1,70 +0,0 @@ - ---- -# /tmp/knative.Tmza1Mu9/tmp.CjNxfu4rke/serving-storage-version-migration.yaml -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: batch/v1 -kind: Job -metadata: - generateName: storage-version-migration-serving- - namespace: knative-serving - labels: - app: storage-version-migration-serving - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.4" -spec: - ttlSecondsAfterFinished: 600 - backoffLimit: 10 - template: - metadata: - annotations: - sidecar.istio.io/inject: "false" - labels: - app: storage-version-migration-serving - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.4" - spec: - serviceAccountName: controller - restartPolicy: OnFailure - containers: - - name: migrate - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:bfd7e142ae4e5e5fa71ea7759bb61b18a6c5517aeb18955509b04cfac49a1f28 - args: - - "services.serving.knative.dev" - - "configurations.serving.knative.dev" - - "revisions.serving.knative.dev" - - "routes.serving.knative.dev" - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 1000m - memory: 1000Mi - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.5/1-serving-crds.yaml b/cmd/operator/kodata/knative-serving/1.8.5/1-serving-crds.yaml deleted file mode 100644 index 56d78dd0ca..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.5/1-serving-crds.yaml +++ /dev/null @@ -1,4032 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: certificates.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Certificate is responsible for provisioning a SSL certificate for the given hosts. It is a Knative abstraction for various SSL certificate provisioning solutions (such as cert-manager or self-signed SSL certificate). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - dnsNames - - secretName - properties: - dnsNames: - description: DNSNames is a list of DNS names the Certificate could support. The wildcard format of DNSNames (e.g. *.default.example.com) is supported. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret resource to store the SSL certificate in. - type: string - status: - description: 'Status is the current state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - http01Challenges: - description: HTTP01Challenges is a list of HTTP01 challenges that need to be fulfilled in order to get the TLS certificate.. - type: array - items: - description: HTTP01Challenge defines the status of a HTTP01 challenge that a certificate needs to fulfill. - type: object - properties: - serviceName: - description: ServiceName is the name of the service to serve HTTP01 challenge requests. - type: string - serviceNamespace: - description: ServiceNamespace is the namespace of the service to serve HTTP01 challenge requests. - type: string - servicePort: - description: ServicePort is the port of the service to serve HTTP01 challenge requests. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - url: - description: URL is the URL that the HTTP01 challenge is expected to serve on. - type: string - notAfter: - description: The expiration time of the TLS certificate stored in the secret named by this resource in spec.secretName. - type: string - format: date-time - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Certificate - plural: certificates - singular: certificate - categories: - - knative-internal - - networking - shortNames: - - kcert - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: configurations.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Configuration - plural: configurations - singular: configuration - categories: - - all - - knative - - serving - shortNames: - - config - - cfg - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Configuration represents the "floating HEAD" of a linear history of Revisions. Users create new Revisions by updating the Configuration''s spec. The "latest created" revision''s name is available under status, as is the "latest ready" revision''s name. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#configuration' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ConfigurationSpec holds the desired state of the Configuration (from the client). - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: ConfigurationStatus communicates the observed state of the Configuration (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusterdomainclaims.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: ClusterDomainClaim is a cluster-wide reservation for a particular domain name. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ClusterDomainClaim. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - namespace - properties: - namespace: - description: Namespace is the namespace which is allowed to create a DomainMapping using this ClusterDomainClaim's name. - type: string - names: - kind: ClusterDomainClaim - plural: clusterdomainclaims - singular: clusterdomainclaim - categories: - - knative-internal - - networking - shortNames: - - cdc - scope: Cluster - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: domainmappings.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - versions: - - name: v1beta1 - served: true - storage: false - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - "schema": - "openAPIV3Schema": - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: DomainMapping - plural: domainmappings - singular: domainmapping - categories: - - all - - knative - - serving - shortNames: - - dm - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: ingresses.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable URLs, load balance traffic, offer name based virtual hosting, etc. \n This is heavily based on K8s Ingress https://godoc.org/k8s.io/api/networking/v1beta1#Ingress which some highlighted modifications." - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - httpOption: - description: 'HTTPOption is the option of HTTP. It has the following two values: `HTTPOptionEnabled`, `HTTPOptionRedirected`' - type: string - rules: - description: A list of host rules used to configure the Ingress. - type: array - items: - description: IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue. - type: object - properties: - hosts: - description: 'Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the "host" part of the URI as defined in the RFC: 1. IPs are not allowed. Currently a rule value can only apply to the IP in the Spec of the parent . 2. The `:` delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue. If multiple matching Hosts were provided, the first rule will take precedent.' - type: array - items: - type: string - http: - description: HTTP represents a rule to apply against incoming requests. If the rule is satisfied, the request is routed to the specified backend. - type: object - required: - - paths - properties: - paths: - description: "A collection of paths that map requests to backends. \n If they are multiple matching paths, the first match takes precedence." - type: array - items: - description: HTTPIngressPath associates a path regex with a backend. Incoming URLs matching the path are forwarded to the backend. - type: object - required: - - splits - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - headers: - description: Headers defines header matching rules which is a map from a header name to HeaderMatch which specify a matching condition. When a request matched with all the header matching rules, the request is routed by the corresponding ingress rule. If it is empty, the headers are not used for matching - type: object - additionalProperties: - description: HeaderMatch represents a matching value of Headers in HTTPIngressPath. Currently, only the exact matching is supported. - type: object - required: - - exact - properties: - exact: - type: string - path: - description: Path represents a literal prefix to which this rule should apply. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a '/'. If unspecified, the path defaults to a catch all sending traffic to the backend. - type: string - rewriteHost: - description: "RewriteHost rewrites the incoming request's host header. \n This field is currently experimental and not supported by all Ingress implementations." - type: string - splits: - description: Splits defines the referenced service endpoints to which the traffic will be forwarded to. - type: array - items: - description: IngressBackendSplit describes all endpoints for a given service and port. - type: object - required: - - serviceName - - serviceNamespace - - servicePort - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - percent: - description: "Specifies the split percentage, a number between 0 and 100. If only one split is specified, we default to 100. \n NOTE: This differs from K8s Ingress to allow percentage split." - type: integer - serviceName: - description: Specifies the name of the referenced service. - type: string - serviceNamespace: - description: "Specifies the namespace of the referenced service. \n NOTE: This differs from K8s Ingress to allow routing to different namespaces." - type: string - servicePort: - description: Specifies the port of the referenced service. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - visibility: - description: Visibility signifies whether this rule should `ClusterLocal`. If it's not specified then it defaults to `ExternalIP`. - type: string - tls: - description: 'TLS configuration. Currently Ingress only supports a single TLS port: 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.' - type: array - items: - description: IngressTLS describes the transport layer security associated with an Ingress. - type: object - properties: - hosts: - description: Hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret used to terminate SSL traffic. - type: string - secretNamespace: - description: SecretNamespace is the namespace of the secret used to terminate SSL traffic. If not set the namespace should be assumed to be the same as the Ingress. If set the secret should have the same namespace as the Ingress otherwise the behaviour is undefined and not supported. - type: string - status: - description: 'Status is the current state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateLoadBalancer: - description: PrivateLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - publicLoadBalancer: - description: PublicLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: Ingress - plural: ingresses - singular: ingress - categories: - - knative-internal - - networking - shortNames: - - kingress - - king - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: metrics.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: Metric - plural: metrics - singular: metric - categories: - - knative-internal - - autoscaling - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: Metric represents a resource to configure the metric collector with. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Metric (from the client). - type: object - required: - - panicWindow - - scrapeTarget - - stableWindow - properties: - panicWindow: - description: PanicWindow is the aggregation window for metrics where quick reactions are needed. - type: integer - format: int64 - scrapeTarget: - description: ScrapeTarget is the K8s service that publishes the metric endpoint. - type: string - stableWindow: - description: StableWindow is the aggregation window for metrics in a stable state. - type: integer - format: int64 - status: - description: Status communicates the observed state of the Metric (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: podautoscalers.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: PodAutoscaler - plural: podautoscalers - singular: podautoscaler - categories: - - knative-internal - - autoscaling - shortNames: - - kpa - - pa - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: DesiredScale - type: integer - jsonPath: ".status.desiredScale" - - name: ActualScale - type: integer - jsonPath: ".status.actualScale" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'PodAutoscaler is a Knative abstraction that encapsulates the interface by which Knative components instantiate autoscalers. This definition is an abstraction that may be backed by multiple definitions. For more information, see the Knative Pluggability presentation: https://docs.google.com/presentation/d/19vW9HFZ6Puxt31biNZF3uLRejDmu82rxJIk1cWmxF7w/edit' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the PodAutoscaler (from the client). - type: object - required: - - protocolType - - scaleTargetRef - properties: - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means unlimited concurrency. - type: integer - format: int64 - protocolType: - description: The application-layer protocol. Matches `ProtocolType` inferred from the revision spec. - type: string - reachability: - description: Reachability specifies whether or not the `ScaleTargetRef` can be reached (ie. has a route). Defaults to `ReachabilityUnknown` - type: string - scaleTargetRef: - description: ScaleTargetRef defines the /scale-able resource that this PodAutoscaler is responsible for quickly right-sizing. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-map-type: atomic - status: - description: Status communicates the observed state of the PodAutoscaler (from the controller). - type: object - required: - - metricsServiceName - - serviceName - properties: - actualScale: - description: ActualScale shows the actual number of replicas for the revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - desiredScale: - description: DesiredScale shows the current desired number of replicas for the revision. - type: integer - format: int32 - metricsServiceName: - description: MetricsServiceName is the K8s Service name that provides revision metrics. The service is managed by the PA object. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - serviceName: - description: ServiceName is the K8s Service name that serves the revision, scaled by this PA. The service is created and owned by the ServerlessService object owned by this PA. - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: revisions.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - names: - kind: Revision - plural: revisions - singular: revision - categories: - - all - - knative - - serving - shortNames: - - rev - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Config Name - type: string - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configuration']" - - name: K8s Service Name - type: string - jsonPath: ".status.serviceName" - - name: Generation - type: string # int in string form :( - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configurationGeneration']" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - name: Actual Replicas - type: integer - jsonPath: ".status.actualReplicas" - - name: Desired Replicas - type: integer - jsonPath: ".status.desiredReplicas" - schema: - openAPIV3Schema: - description: "Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#revision" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: RevisionStatus communicates the observed state of the Revision (from the controller). - type: object - properties: - actualReplicas: - description: ActualReplicas reflects the amount of ready pods running this revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - containerStatuses: - description: 'ContainerStatuses is a slice of images present in .Spec.Container[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - desiredReplicas: - description: DesiredReplicas reflects the desired amount of pods running this revision. - type: integer - format: int32 - initContainerStatuses: - description: 'InitContainerStatuses is a slice of images present in .Spec.InitContainer[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - logUrl: - description: LogURL specifies the generated logging url for this particular revision based on the revision url template specified in the controller's config. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: routes.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" -spec: - group: serving.knative.dev - names: - kind: Route - plural: routes - singular: route - categories: - - all - - knative - - serving - shortNames: - - rt - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready revision" changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#route' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Route (from the client). - type: object - properties: - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: Status communicates the observed state of the Route (from the controller). - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: serverlessservices.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ServerlessService is a proxy for the K8s service objects containing the endpoints for the revision, whether those are endpoints of the activator or revision pods. See: https://knative.page.link/naxz for details.' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - objectRef - - protocolType - properties: - mode: - description: Mode describes the mode of operation of the ServerlessService. - type: string - numActivators: - description: NumActivators contains number of Activators that this revision should be assigned. O means — assign all. - type: integer - format: int32 - objectRef: - description: ObjectRef defines the resource that this ServerlessService is responsible for making "serverless". - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - x-kubernetes-map-type: atomic - protocolType: - description: The application-layer protocol. Matches `RevisionProtocolType` set on the owning pa/revision. serving imports networking, so just use string. - type: string - status: - description: 'Status is the current state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateServiceName: - description: PrivateServiceName holds the name of a core K8s Service resource that load balances over the user service pods backing this Revision. - type: string - serviceName: - description: ServiceName holds the name of a core K8s Service resource that load balances over the pods backing this Revision (activator or revision). - type: string - additionalPrinterColumns: - - name: Mode - type: string - jsonPath: ".spec.mode" - - name: Activators - type: integer - jsonPath: ".spec.numActivators" - - name: ServiceName - type: string - jsonPath: ".status.serviceName" - - name: PrivateServiceName - type: string - jsonPath: ".status.privateServiceName" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: ServerlessService - plural: serverlessservices - singular: serverlessservice - categories: - - knative-internal - - networking - shortNames: - - sks - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: services.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Service - plural: services - singular: service - categories: - - all - - knative - - serving - shortNames: - - kservice - - ksvc - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: "Service acts as a top-level container that manages a Route and Configuration which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets), and its usage is optional but recommended. \n The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceSpec represents the configuration for the Service object. A Service's specification is the union of the specifications for a Route and Configuration. The Service restricts what can be expressed in these fields, e.g. the Route must reference the provided Configuration; however, these limitations also enable friendlier defaulting, e.g. Route never needs a Configuration name, and may be defaulted to the appropriate "run latest" spec. - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: ServiceStatus represents the Status stanza of the Service resource. - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: images.caching.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" -spec: - group: caching.internal.knative.dev - names: - kind: Image - plural: images - singular: image - categories: - - knative-internal - - caching - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Image is a Knative abstraction that encapsulates the interface by which Knative components express a desire to have a particular image cached. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Image (from the client). - type: object - required: - - image - properties: - image: - description: Image is the name of the container image url to cache across the cluster. - type: string - imagePullSecrets: - description: ImagePullSecrets contains the names of the Kubernetes Secrets containing login information used by the Pods which will run this container. - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount as which the Pods will run this container. This is potentially used to authenticate the image pull if the service account has attached pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' - type: string - status: - description: Status communicates the observed state of the Image (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Image - type: string - jsonPath: .spec.image - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.5/2-serving-core.yaml b/cmd/operator/kodata/knative-serving/1.8.5/2-serving-core.yaml deleted file mode 100644 index 0844442950..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.5/2-serving-core.yaml +++ /dev/null @@ -1,6920 +0,0 @@ -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Namespace -metadata: - name: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Use this aggregated ClusterRole when you need readonly access to "Addressables" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - # Named like this to avoid clashing with eventing's existing `addressable-resolver` role - # (which should be identical, but isn't guaranteed to be installed alongside serving). - name: knative-serving-aggregated-addressable-resolver - labels: - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-serving -aggregationRule: - clusterRoleSelectors: - - matchLabels: - duck.knative.dev/addressable: "true" ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-addressable-resolver - labels: - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-serving - # Labeled to facilitate aggregated cluster roles that act on Addressables. - duck.knative.dev/addressable: "true" -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - serving.knative.dev - resources: - - routes - - routes/status - - services - - services/status - verbs: - - get - - list - - watch - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-namespaced-admin - labels: - rbac.authorization.k8s.io/aggregate-to-admin: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: ["serving.knative.dev"] - resources: ["*"] - verbs: ["*"] - - apiGroups: ["networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-namespaced-edit - labels: - rbac.authorization.k8s.io/aggregate-to-edit: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: ["serving.knative.dev"] - resources: ["*"] - verbs: ["create", "update", "patch", "delete"] - - apiGroups: ["networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-namespaced-view - labels: - rbac.authorization.k8s.io/aggregate-to-view: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: ["serving.knative.dev", "networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"] - resources: ["*"] - verbs: ["get", "list", "watch"] - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-core - labels: - serving.knative.dev/controller: "true" - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-serving -rules: - - apiGroups: [""] - resources: ["pods", "namespaces", "secrets", "configmaps", "endpoints", "services", "events", "serviceaccounts"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: [""] - resources: ["endpoints/restricted"] # Permission for RestrictedEndpointsAdmission - verbs: ["create"] - - apiGroups: [""] - resources: ["namespaces/finalizers"] # finalizers are needed for the owner reference of the webhook - verbs: ["update"] - - apiGroups: ["apps"] - resources: ["deployments", "deployments/finalizers"] # finalizers are needed for the owner reference of the webhook - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["admissionregistration.k8s.io"] - resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions", "customresourcedefinitions/status"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["autoscaling"] - resources: ["horizontalpodautoscalers"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["serving.knative.dev", "autoscaling.internal.knative.dev", "networking.internal.knative.dev"] - resources: ["*", "*/status", "*/finalizers"] - verbs: ["get", "list", "create", "update", "delete", "deletecollection", "patch", "watch"] - - apiGroups: ["caching.internal.knative.dev"] - resources: ["images"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-podspecable-binding - labels: - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-serving - # Labeled to facilitate aggregated cluster roles that act on PodSpecables. - duck.knative.dev/podspecable: "true" -# Do not use this role directly. These rules will be added to the "podspecable-binder" role. -rules: - - apiGroups: - - serving.knative.dev - resources: - - configurations - - services - verbs: - - list - - watch - - patch - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: controller - namespace: knative-serving - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-admin - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" -aggregationRule: - clusterRoleSelectors: - - matchLabels: - serving.knative.dev/controller: "true" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-serving-controller-admin - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" -subjects: - - kind: ServiceAccount - name: controller - namespace: knative-serving -roleRef: - kind: ClusterRole - name: knative-serving-admin - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-serving-controller-addressable-resolver - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" -subjects: - - kind: ServiceAccount - name: controller - namespace: knative-serving -roleRef: - kind: ClusterRole - name: knative-serving-aggregated-addressable-resolver - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: images.caching.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" -spec: - group: caching.internal.knative.dev - names: - kind: Image - plural: images - singular: image - categories: - - knative-internal - - caching - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Image is a Knative abstraction that encapsulates the interface by which Knative components express a desire to have a particular image cached. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Image (from the client). - type: object - required: - - image - properties: - image: - description: Image is the name of the container image url to cache across the cluster. - type: string - imagePullSecrets: - description: ImagePullSecrets contains the names of the Kubernetes Secrets containing login information used by the Pods which will run this container. - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount as which the Pods will run this container. This is potentially used to authenticate the image pull if the service account has attached pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' - type: string - status: - description: Status communicates the observed state of the Image (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Image - type: string - jsonPath: .spec.image - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: certificates.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Certificate is responsible for provisioning a SSL certificate for the given hosts. It is a Knative abstraction for various SSL certificate provisioning solutions (such as cert-manager or self-signed SSL certificate). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - dnsNames - - secretName - properties: - dnsNames: - description: DNSNames is a list of DNS names the Certificate could support. The wildcard format of DNSNames (e.g. *.default.example.com) is supported. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret resource to store the SSL certificate in. - type: string - status: - description: 'Status is the current state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - http01Challenges: - description: HTTP01Challenges is a list of HTTP01 challenges that need to be fulfilled in order to get the TLS certificate.. - type: array - items: - description: HTTP01Challenge defines the status of a HTTP01 challenge that a certificate needs to fulfill. - type: object - properties: - serviceName: - description: ServiceName is the name of the service to serve HTTP01 challenge requests. - type: string - serviceNamespace: - description: ServiceNamespace is the namespace of the service to serve HTTP01 challenge requests. - type: string - servicePort: - description: ServicePort is the port of the service to serve HTTP01 challenge requests. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - url: - description: URL is the URL that the HTTP01 challenge is expected to serve on. - type: string - notAfter: - description: The expiration time of the TLS certificate stored in the secret named by this resource in spec.secretName. - type: string - format: date-time - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Certificate - plural: certificates - singular: certificate - categories: - - knative-internal - - networking - shortNames: - - kcert - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: configurations.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Configuration - plural: configurations - singular: configuration - categories: - - all - - knative - - serving - shortNames: - - config - - cfg - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Configuration represents the "floating HEAD" of a linear history of Revisions. Users create new Revisions by updating the Configuration''s spec. The "latest created" revision''s name is available under status, as is the "latest ready" revision''s name. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#configuration' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ConfigurationSpec holds the desired state of the Configuration (from the client). - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: ConfigurationStatus communicates the observed state of the Configuration (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusterdomainclaims.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: ClusterDomainClaim is a cluster-wide reservation for a particular domain name. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ClusterDomainClaim. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - namespace - properties: - namespace: - description: Namespace is the namespace which is allowed to create a DomainMapping using this ClusterDomainClaim's name. - type: string - names: - kind: ClusterDomainClaim - plural: clusterdomainclaims - singular: clusterdomainclaim - categories: - - knative-internal - - networking - shortNames: - - cdc - scope: Cluster - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: domainmappings.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - versions: - - name: v1beta1 - served: true - storage: false - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - "schema": - "openAPIV3Schema": - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: DomainMapping - plural: domainmappings - singular: domainmapping - categories: - - all - - knative - - serving - shortNames: - - dm - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: ingresses.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable URLs, load balance traffic, offer name based virtual hosting, etc. \n This is heavily based on K8s Ingress https://godoc.org/k8s.io/api/networking/v1beta1#Ingress which some highlighted modifications." - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - httpOption: - description: 'HTTPOption is the option of HTTP. It has the following two values: `HTTPOptionEnabled`, `HTTPOptionRedirected`' - type: string - rules: - description: A list of host rules used to configure the Ingress. - type: array - items: - description: IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue. - type: object - properties: - hosts: - description: 'Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the "host" part of the URI as defined in the RFC: 1. IPs are not allowed. Currently a rule value can only apply to the IP in the Spec of the parent . 2. The `:` delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue. If multiple matching Hosts were provided, the first rule will take precedent.' - type: array - items: - type: string - http: - description: HTTP represents a rule to apply against incoming requests. If the rule is satisfied, the request is routed to the specified backend. - type: object - required: - - paths - properties: - paths: - description: "A collection of paths that map requests to backends. \n If they are multiple matching paths, the first match takes precedence." - type: array - items: - description: HTTPIngressPath associates a path regex with a backend. Incoming URLs matching the path are forwarded to the backend. - type: object - required: - - splits - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - headers: - description: Headers defines header matching rules which is a map from a header name to HeaderMatch which specify a matching condition. When a request matched with all the header matching rules, the request is routed by the corresponding ingress rule. If it is empty, the headers are not used for matching - type: object - additionalProperties: - description: HeaderMatch represents a matching value of Headers in HTTPIngressPath. Currently, only the exact matching is supported. - type: object - required: - - exact - properties: - exact: - type: string - path: - description: Path represents a literal prefix to which this rule should apply. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a '/'. If unspecified, the path defaults to a catch all sending traffic to the backend. - type: string - rewriteHost: - description: "RewriteHost rewrites the incoming request's host header. \n This field is currently experimental and not supported by all Ingress implementations." - type: string - splits: - description: Splits defines the referenced service endpoints to which the traffic will be forwarded to. - type: array - items: - description: IngressBackendSplit describes all endpoints for a given service and port. - type: object - required: - - serviceName - - serviceNamespace - - servicePort - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - percent: - description: "Specifies the split percentage, a number between 0 and 100. If only one split is specified, we default to 100. \n NOTE: This differs from K8s Ingress to allow percentage split." - type: integer - serviceName: - description: Specifies the name of the referenced service. - type: string - serviceNamespace: - description: "Specifies the namespace of the referenced service. \n NOTE: This differs from K8s Ingress to allow routing to different namespaces." - type: string - servicePort: - description: Specifies the port of the referenced service. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - visibility: - description: Visibility signifies whether this rule should `ClusterLocal`. If it's not specified then it defaults to `ExternalIP`. - type: string - tls: - description: 'TLS configuration. Currently Ingress only supports a single TLS port: 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.' - type: array - items: - description: IngressTLS describes the transport layer security associated with an Ingress. - type: object - properties: - hosts: - description: Hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret used to terminate SSL traffic. - type: string - secretNamespace: - description: SecretNamespace is the namespace of the secret used to terminate SSL traffic. If not set the namespace should be assumed to be the same as the Ingress. If set the secret should have the same namespace as the Ingress otherwise the behaviour is undefined and not supported. - type: string - status: - description: 'Status is the current state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateLoadBalancer: - description: PrivateLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - publicLoadBalancer: - description: PublicLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: Ingress - plural: ingresses - singular: ingress - categories: - - knative-internal - - networking - shortNames: - - kingress - - king - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: metrics.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: Metric - plural: metrics - singular: metric - categories: - - knative-internal - - autoscaling - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: Metric represents a resource to configure the metric collector with. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Metric (from the client). - type: object - required: - - panicWindow - - scrapeTarget - - stableWindow - properties: - panicWindow: - description: PanicWindow is the aggregation window for metrics where quick reactions are needed. - type: integer - format: int64 - scrapeTarget: - description: ScrapeTarget is the K8s service that publishes the metric endpoint. - type: string - stableWindow: - description: StableWindow is the aggregation window for metrics in a stable state. - type: integer - format: int64 - status: - description: Status communicates the observed state of the Metric (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: podautoscalers.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: PodAutoscaler - plural: podautoscalers - singular: podautoscaler - categories: - - knative-internal - - autoscaling - shortNames: - - kpa - - pa - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: DesiredScale - type: integer - jsonPath: ".status.desiredScale" - - name: ActualScale - type: integer - jsonPath: ".status.actualScale" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'PodAutoscaler is a Knative abstraction that encapsulates the interface by which Knative components instantiate autoscalers. This definition is an abstraction that may be backed by multiple definitions. For more information, see the Knative Pluggability presentation: https://docs.google.com/presentation/d/19vW9HFZ6Puxt31biNZF3uLRejDmu82rxJIk1cWmxF7w/edit' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the PodAutoscaler (from the client). - type: object - required: - - protocolType - - scaleTargetRef - properties: - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means unlimited concurrency. - type: integer - format: int64 - protocolType: - description: The application-layer protocol. Matches `ProtocolType` inferred from the revision spec. - type: string - reachability: - description: Reachability specifies whether or not the `ScaleTargetRef` can be reached (ie. has a route). Defaults to `ReachabilityUnknown` - type: string - scaleTargetRef: - description: ScaleTargetRef defines the /scale-able resource that this PodAutoscaler is responsible for quickly right-sizing. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-map-type: atomic - status: - description: Status communicates the observed state of the PodAutoscaler (from the controller). - type: object - required: - - metricsServiceName - - serviceName - properties: - actualScale: - description: ActualScale shows the actual number of replicas for the revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - desiredScale: - description: DesiredScale shows the current desired number of replicas for the revision. - type: integer - format: int32 - metricsServiceName: - description: MetricsServiceName is the K8s Service name that provides revision metrics. The service is managed by the PA object. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - serviceName: - description: ServiceName is the K8s Service name that serves the revision, scaled by this PA. The service is created and owned by the ServerlessService object owned by this PA. - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: revisions.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - names: - kind: Revision - plural: revisions - singular: revision - categories: - - all - - knative - - serving - shortNames: - - rev - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Config Name - type: string - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configuration']" - - name: K8s Service Name - type: string - jsonPath: ".status.serviceName" - - name: Generation - type: string # int in string form :( - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configurationGeneration']" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - name: Actual Replicas - type: integer - jsonPath: ".status.actualReplicas" - - name: Desired Replicas - type: integer - jsonPath: ".status.desiredReplicas" - schema: - openAPIV3Schema: - description: "Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#revision" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: RevisionStatus communicates the observed state of the Revision (from the controller). - type: object - properties: - actualReplicas: - description: ActualReplicas reflects the amount of ready pods running this revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - containerStatuses: - description: 'ContainerStatuses is a slice of images present in .Spec.Container[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - desiredReplicas: - description: DesiredReplicas reflects the desired amount of pods running this revision. - type: integer - format: int32 - initContainerStatuses: - description: 'InitContainerStatuses is a slice of images present in .Spec.InitContainer[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - logUrl: - description: LogURL specifies the generated logging url for this particular revision based on the revision url template specified in the controller's config. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: routes.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" -spec: - group: serving.knative.dev - names: - kind: Route - plural: routes - singular: route - categories: - - all - - knative - - serving - shortNames: - - rt - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready revision" changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#route' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Route (from the client). - type: object - properties: - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: Status communicates the observed state of the Route (from the controller). - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: serverlessservices.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ServerlessService is a proxy for the K8s service objects containing the endpoints for the revision, whether those are endpoints of the activator or revision pods. See: https://knative.page.link/naxz for details.' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - objectRef - - protocolType - properties: - mode: - description: Mode describes the mode of operation of the ServerlessService. - type: string - numActivators: - description: NumActivators contains number of Activators that this revision should be assigned. O means — assign all. - type: integer - format: int32 - objectRef: - description: ObjectRef defines the resource that this ServerlessService is responsible for making "serverless". - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - x-kubernetes-map-type: atomic - protocolType: - description: The application-layer protocol. Matches `RevisionProtocolType` set on the owning pa/revision. serving imports networking, so just use string. - type: string - status: - description: 'Status is the current state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateServiceName: - description: PrivateServiceName holds the name of a core K8s Service resource that load balances over the user service pods backing this Revision. - type: string - serviceName: - description: ServiceName holds the name of a core K8s Service resource that load balances over the pods backing this Revision (activator or revision). - type: string - additionalPrinterColumns: - - name: Mode - type: string - jsonPath: ".spec.mode" - - name: Activators - type: integer - jsonPath: ".spec.numActivators" - - name: ServiceName - type: string - jsonPath: ".status.serviceName" - - name: PrivateServiceName - type: string - jsonPath: ".status.privateServiceName" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: ServerlessService - plural: serverlessservices - singular: serverlessservice - categories: - - knative-internal - - networking - shortNames: - - sks - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: services.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Service - plural: services - singular: service - categories: - - all - - knative - - serving - shortNames: - - kservice - - ksvc - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: "Service acts as a top-level container that manages a Route and Configuration which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets), and its usage is optional but recommended. \n The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceSpec represents the configuration for the Service object. A Service's specification is the union of the specifications for a Route and Configuration. The Service restricts what can be expressed in these fields, e.g. the Route must reference the provided Configuration; however, these limitations also enable friendlier defaulting, e.g. Route never needs a Configuration name, and may be defaulted to the appropriate "run latest" spec. - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: ServiceStatus represents the Status stanza of the Service resource. - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2022 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - # Do not drop -ctrl-ca suffix as control-protocol requires it. - # https://github.com/knative-sandbox/control-protocol/blob/main/pkg/certificates/reconciler/controller.go - name: serving-certs-ctrl-ca - namespace: knative-serving - labels: - serving-certs-ctrl: "data-plane" - networking.internal.knative.dev/certificate-uid: "serving-certs" - -# The data is populated when internal-encryption is enabled. ---- -apiVersion: v1 -kind: Secret -metadata: - name: knative-serving-certs - namespace: knative-serving - labels: - serving-certs-ctrl: "data-plane" - networking.internal.knative.dev/certificate-uid: "serving-certs" -# The data is populated when internal-encryption is enabled. - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: caching.internal.knative.dev/v1alpha1 -kind: Image -metadata: - name: queue-proxy - namespace: knative-serving - labels: - app.kubernetes.io/component: queue-proxy - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" -spec: - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/queue@sha256:545c7414f9bc93763c5e41567a5fd6f3359d4d186700b8b28b1411e1c899a2c2 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-autoscaler - namespace: knative-serving - labels: - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - annotations: - knative.dev/example-checksum: "47c2487f" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # The Revision ContainerConcurrency field specifies the maximum number - # of requests the Container can handle at once. Container concurrency - # target percentage is how much of that maximum to use in a stable - # state. E.g. if a Revision specifies ContainerConcurrency of 10, then - # the Autoscaler will try to maintain 7 concurrent connections per pod - # on average. - # Note: this limit will be applied to container concurrency set at every - # level (ConfigMap, Revision Spec or Annotation). - # For legacy and backwards compatibility reasons, this value also accepts - # fractional values in (0, 1] interval (i.e. 0.7 ⇒ 70%). - # Thus minimal percentage value must be greater than 1.0, or it will be - # treated as a fraction. - # NOTE: that this value does not affect actual number of concurrent requests - # the user container may receive, but only the average number of requests - # that the revision pods will receive. - container-concurrency-target-percentage: "70" - - # The container concurrency target default is what the Autoscaler will - # try to maintain when concurrency is used as the scaling metric for the - # Revision and the Revision specifies unlimited concurrency. - # When revision explicitly specifies container concurrency, that value - # will be used as a scaling target for autoscaler. - # When specifying unlimited concurrency, the autoscaler will - # horizontally scale the application based on this target concurrency. - # This is what we call "soft limit" in the documentation, i.e. it only - # affects number of pods and does not affect the number of requests - # individual pod processes. - # The value must be a positive number such that the value multiplied - # by container-concurrency-target-percentage is greater than 0.01. - # NOTE: that this value will be adjusted by application of - # container-concurrency-target-percentage, i.e. by default - # the system will target on average 70 concurrent requests - # per revision pod. - # NOTE: Only one metric can be used for autoscaling a Revision. - container-concurrency-target-default: "100" - - # The requests per second (RPS) target default is what the Autoscaler will - # try to maintain when RPS is used as the scaling metric for a Revision and - # the Revision specifies unlimited RPS. Even when specifying unlimited RPS, - # the autoscaler will horizontally scale the application based on this - # target RPS. - # Must be greater than 1.0. - # NOTE: Only one metric can be used for autoscaling a Revision. - requests-per-second-target-default: "200" - - # The target burst capacity specifies the size of burst in concurrent - # requests that the system operator expects the system will receive. - # Autoscaler will try to protect the system from queueing by introducing - # Activator in the request path if the current spare capacity of the - # service is less than this setting. - # If this setting is 0, then Activator will be in the request path only - # when the revision is scaled to 0. - # If this setting is > 0 and container-concurrency-target-percentage is - # 100% or 1.0, then activator will always be in the request path. - # -1 denotes unlimited target-burst-capacity and activator will always - # be in the request path. - # Other negative values are invalid. - target-burst-capacity: "211" - - # When operating in a stable mode, the autoscaler operates on the - # average concurrency over the stable window. - # Stable window must be in whole seconds. - stable-window: "60s" - - # When observed average concurrency during the panic window reaches - # panic-threshold-percentage the target concurrency, the autoscaler - # enters panic mode. When operating in panic mode, the autoscaler - # scales on the average concurrency over the panic window which is - # panic-window-percentage of the stable-window. - # Must be in the [1, 100] range. - # When computing the panic window it will be rounded to the closest - # whole second, at least 1s. - panic-window-percentage: "10.0" - - # The percentage of the container concurrency target at which to - # enter panic mode when reached within the panic window. - panic-threshold-percentage: "200.0" - - # Max scale up rate limits the rate at which the autoscaler will - # increase pod count. It is the maximum ratio of desired pods versus - # observed pods. - # Cannot be less or equal to 1. - # I.e with value of 2.0 the number of pods can at most go N to 2N - # over single Autoscaler period (2s), but at least N to - # N+1, if Autoscaler needs to scale up. - max-scale-up-rate: "1000.0" - - # Max scale down rate limits the rate at which the autoscaler will - # decrease pod count. It is the maximum ratio of observed pods versus - # desired pods. - # Cannot be less or equal to 1. - # I.e. with value of 2.0 the number of pods can at most go N to N/2 - # over single Autoscaler evaluation period (2s), but at - # least N to N-1, if Autoscaler needs to scale down. - max-scale-down-rate: "2.0" - - # Scale to zero feature flag. - enable-scale-to-zero: "true" - - # Scale to zero grace period is the time an inactive revision is left - # running before it is scaled to zero (must be positive, but recommended - # at least a few seconds if running with mesh networking). - # This is the upper limit and is provided not to enforce timeout after - # the revision stopped receiving requests for stable window, but to - # ensure network reprogramming to put activator in the path has completed. - # If the system determines that a shorter period is satisfactory, - # then the system will only wait that amount of time before scaling to 0. - # NOTE: this period might actually be 0, if activator has been - # in the request path sufficiently long. - # If there is necessity for the last pod to linger longer use - # scale-to-zero-pod-retention-period flag. - scale-to-zero-grace-period: "30s" - - # Scale to zero pod retention period defines the minimum amount - # of time the last pod will remain after Autoscaler has decided to - # scale to zero. - # This flag is for the situations where the pod startup is very expensive - # and the traffic is bursty (requiring smaller windows for fast action), - # but patchy. - # The larger of this flag and `scale-to-zero-grace-period` will effectively - # determine how the last pod will hang around. - scale-to-zero-pod-retention-period: "0s" - - # pod-autoscaler-class specifies the default pod autoscaler class - # that should be used if none is specified. If omitted, - # the Knative Pod Autoscaler (KPA) is used by default. - pod-autoscaler-class: "kpa.autoscaling.knative.dev" - - # The capacity of a single activator task. - # The `unit` is one concurrent request proxied by the activator. - # activator-capacity must be at least 1. - # This value is used for computation of the Activator subset size. - # See the algorithm here: http://bit.ly/38XiCZ3. - # TODO(vagababov): tune after actual benchmarking. - activator-capacity: "100.0" - - # initial-scale is the cluster-wide default value for the initial target - # scale of a revision after creation, unless overridden by the - # "autoscaling.knative.dev/initialScale" annotation. - # This value must be greater than 0 unless allow-zero-initial-scale is true. - initial-scale: "1" - - # allow-zero-initial-scale controls whether either the cluster-wide initial-scale flag, - # or the "autoscaling.knative.dev/initialScale" annotation, can be set to 0. - allow-zero-initial-scale: "false" - - # min-scale is the cluster-wide default value for the min scale of a revision, - # unless overridden by the "autoscaling.knative.dev/minScale" annotation. - min-scale: "0" - - # max-scale is the cluster-wide default value for the max scale of a revision, - # unless overridden by the "autoscaling.knative.dev/maxScale" annotation. - # If set to 0, the revision has no maximum scale. - max-scale: "0" - - # scale-down-delay is the amount of time that must pass at reduced - # concurrency before a scale down decision is applied. This can be useful, - # for example, to maintain replica count and avoid a cold start penalty if - # more requests come in within the scale down delay period. - # The default, 0s, imposes no delay at all. - scale-down-delay: "0s" - - # max-scale-limit sets the maximum permitted value for the max scale of a revision. - # When this is set to a positive value, a revision with a maxScale above that value - # (including a maxScale of "0" = unlimited) is disallowed. - # A value of zero (the default) allows any limit, including unlimited. - max-scale-limit: "0" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-defaults - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.5" - annotations: - knative.dev/example-checksum: "e7973912" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # revision-timeout-seconds contains the default number of - # seconds to use for the revision's per-request timeout, if - # none is specified. - revision-timeout-seconds: "300" # 5 minutes - - # max-revision-timeout-seconds contains the maximum number of - # seconds that can be used for revision-timeout-seconds. - # This value must be greater than or equal to revision-timeout-seconds. - # If omitted, the system default is used (600 seconds). - # - # If this value is increased, the activator's terminationGraceTimeSeconds - # should also be increased to prevent in-flight requests being disrupted. - max-revision-timeout-seconds: "600" # 10 minutes - - # revision-response-start-timeout-seconds contains the default number of - # seconds a request will be allowed to stay open while waiting to - # receive any bytes from the user's application, if none is specified. - # - # This defaults to 'revision-timeout-seconds' - revision-response-start-timeout-seconds: "300" - - # revision-idle-timeout-seconds contains the default number of - # seconds a request will be allowed to stay open while not receiving any - # bytes from the user's application, if none is specified. - revision-idle-timeout-seconds: "0" # infinite - - # revision-cpu-request contains the cpu allocation to assign - # to revisions by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-cpu-request. - # By default, it is not set by Knative. - revision-cpu-request: "400m" # 0.4 of a CPU (aka 400 milli-CPU) - - # revision-memory-request contains the memory allocation to assign - # to revisions by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-memory-request. - # By default, it is not set by Knative. - revision-memory-request: "100M" # 100 megabytes of memory - - # revision-ephemeral-storage-request contains the ephemeral storage - # allocation to assign to revisions by default. If omitted, no value is - # specified and the system default is used. - revision-ephemeral-storage-request: "500M" # 500 megabytes of storage - - # revision-cpu-limit contains the cpu allocation to limit - # revisions to by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-cpu-limit. - # By default, it is not set by Knative. - revision-cpu-limit: "1000m" # 1 CPU (aka 1000 milli-CPU) - - # revision-memory-limit contains the memory allocation to limit - # revisions to by default. If omitted, no value is specified - # and the system default is used. - # Below is an example of setting revision-memory-limit. - # By default, it is not set by Knative. - revision-memory-limit: "200M" # 200 megabytes of memory - - # revision-ephemeral-storage-limit contains the ephemeral storage - # allocation to limit revisions to by default. If omitted, no value is - # specified and the system default is used. - revision-ephemeral-storage-limit: "750M" # 750 megabytes of storage - - # container-name-template contains a template for the default - # container name, if none is specified. This field supports - # Go templating and is supplied with the ObjectMeta of the - # enclosing Service or Configuration, so values such as - # {{.Name}} are also valid. - container-name-template: "user-container" - - # init-container-name-template contains a template for the default - # init container name, if none is specified. This field supports - # Go templating and is supplied with the ObjectMeta of the - # enclosing Service or Configuration, so values such as - # {{.Name}} are also valid. - init-container-name-template: "init-container" - - # container-concurrency specifies the maximum number - # of requests the Container can handle at once, and requests - # above this threshold are queued. Setting a value of zero - # disables this throttling and lets through as many requests as - # the pod receives. - container-concurrency: "0" - - # The container concurrency max limit is an operator setting ensuring that - # the individual revisions cannot have arbitrary large concurrency - # values, or autoscaling targets. `container-concurrency` default setting - # must be at or below this value. - # - # Must be greater than 1. - # - # Note: even with this set, a user can choose a containerConcurrency - # of 0 (i.e. unbounded) unless allow-container-concurrency-zero is - # set to "false". - container-concurrency-max-limit: "1000" - - # allow-container-concurrency-zero controls whether users can - # specify 0 (i.e. unbounded) for containerConcurrency. - allow-container-concurrency-zero: "true" - - # enable-service-links specifies the default value used for the - # enableServiceLinks field of the PodSpec, when it is omitted by the user. - # See: https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#accessing-the-service - # - # This is a tri-state flag with possible values of (true|false|default). - # - # In environments with large number of services it is suggested - # to set this value to `false`. - # See https://github.com/knative/serving/issues/8498. - enable-service-links: "false" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-deployment - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.5" - annotations: - knative.dev/example-checksum: "dd7ee769" -data: - # This is the Go import path for the binary that is containerized - # and substituted here. - queue-sidecar-image: gcr.io/knative-releases/knative.dev/serving/cmd/queue@sha256:545c7414f9bc93763c5e41567a5fd6f3359d4d186700b8b28b1411e1c899a2c2 - _example: |- - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # List of repositories for which tag to digest resolving should be skipped - registries-skipping-tag-resolving: "kind.local,ko.local,dev.local" - - # Maximum time allowed for an image's digests to be resolved. - digest-resolution-timeout: "10s" - - # Duration we wait for the deployment to be ready before considering it failed. - progress-deadline: "600s" - - # Sets the queue proxy's CPU request. - # If omitted, a default value (currently "25m"), is used. - queue-sidecar-cpu-request: "25m" - - # Sets the queue proxy's CPU limit. - # If omitted, no value is specified and the system default is used. - queue-sidecar-cpu-limit: "1000m" - - # Sets the queue proxy's memory request. - # If omitted, no value is specified and the system default is used. - queue-sidecar-memory-request: "400Mi" - - # Sets the queue proxy's memory limit. - # If omitted, no value is specified and the system default is used. - queue-sidecar-memory-limit: "800Mi" - - # Sets the queue proxy's ephemeral storage request. - # If omitted, no value is specified and the system default is used. - queue-sidecar-ephemeral-storage-request: "512Mi" - - # Sets the queue proxy's ephemeral storage limit. - # If omitted, no value is specified and the system default is used. - queue-sidecar-ephemeral-storage-limit: "1024Mi" - - # The freezer service endpoint that queue-proxy calls when its traffic drops to zero or - # scales up from zero. - # - # Freezer service is available at: https://github.com/knative-sandbox/container-freezer - # or users may write their own service. - # - # The value will need to include both the host and the port that will be accessed. - # For the host, $HOST_IP can be passed, and the appropriate host IP value will be swapped - # in at runtime, which will enable the freezer daemonset to be reachable via the node IP. - # - # As an example: - # concurrency-state-endpoint: "http://$HOST_IP:9696" - # - # If not set, queue proxy takes no action (this is the default behavior). - # - # When enabled, a serviceAccountToken will be mounted to queue-proxy using - # a projected volume. This requires the Service Account Token Volume Projection feature - # to be enabled. For details, see this link: - # https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection - # - # NOTE THAT THIS IS AN EXPERIMENTAL / ALPHA FEATURE - concurrency-state-endpoint: "" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-domain - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.5" - annotations: - knative.dev/example-checksum: "26c09de5" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Default value for domain. - # Routes having the cluster domain suffix (by default 'svc.cluster.local') - # will not be exposed through Ingress. You can define your own label - # selector to assign that domain suffix to your Route here, or you can set - # the label - # "networking.knative.dev/visibility=cluster-local" - # to achieve the same effect. This shows how to make routes having - # the label app=secret only exposed to the local cluster. - svc.cluster.local: | - selector: - app: secret - - # These are example settings of domain. - # example.com will be used for all routes, but it is the least-specific rule so it - # will only be used if no other domain matches. - example.com: | - - # example.org will be used for routes having app=nonprofit. - example.org: | - selector: - app: nonprofit - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-features - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.5" - annotations: - knative.dev/example-checksum: "691a192e" -data: - _example: |- - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Indicates whether multi container support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#multi-containers - multi-container: "enabled" - - # Indicates whether Kubernetes affinity support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-node-affinity - kubernetes.podspec-affinity: "disabled" - - # Indicates whether Kubernetes topologySpreadConstraints support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-topology-spread-constraints - kubernetes.podspec-topologyspreadconstraints: "disabled" - - # Indicates whether Kubernetes hostAliases support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-host-aliases - kubernetes.podspec-hostaliases: "disabled" - - # Indicates whether Kubernetes nodeSelector support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-node-selector - kubernetes.podspec-nodeselector: "disabled" - - # Indicates whether Kubernetes tolerations support is enabled - # - # WARNING: Cannot safely be disabled once enabled - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-toleration - kubernetes.podspec-tolerations: "disabled" - - # Indicates whether Kubernetes FieldRef support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-fieldref - kubernetes.podspec-fieldref: "disabled" - - # Indicates whether Kubernetes RuntimeClassName support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-runtime-class - kubernetes.podspec-runtimeclassname: "disabled" - - # Indicates whether Kubernetes DNSPolicy support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-dnspolicy - kubernetes.podspec-dnspolicy: "disabled" - - # Indicates whether Kubernetes DNSConfig support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-dnsconfig - kubernetes.podspec-dnsconfig: "disabled" - - # This feature allows end-users to set a subset of fields on the Pod's SecurityContext - # - # When set to "enabled" or "allowed" it allows the following - # PodSecurityContext properties: - # - FSGroup - # - RunAsGroup - # - RunAsNonRoot - # - SupplementalGroups - # - RunAsUser - # - SeccompProfile - # - # This feature flag should be used with caution as the PodSecurityContext - # properties may have a side-effect on non-user sidecar containers that come - # from Knative or your service mesh - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-security-context - kubernetes.podspec-securitycontext: "disabled" - - # Indicates whether Kubernetes PriorityClassName support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-priority-class-name - kubernetes.podspec-priorityclassname: "disabled" - - # Indicates whether Kubernetes SchedulerName support is enabled - # - # WARNING: Cannot safely be disabled once enabled. - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-scheduler-name - kubernetes.podspec-schedulername: "disabled" - - # This feature flag allows end-users to add a subset of capabilities on the Pod's SecurityContext. - # - # When set to "enabled" or "allowed" it allows capabilities to be added to the container. - # For a list of possible capabilities, see https://man7.org/linux/man-pages/man7/capabilities.7.html - kubernetes.containerspec-addcapabilities: "disabled" - - # This feature validates PodSpecs from the validating webhook - # against the K8s API Server. - # - # When "enabled", the server will always run the extra validation. - # When "allowed", the server will not run the dry-run validation by default. - # However, clients may enable the behavior on an individual Service by - # attaching the following metadata annotation: "features.knative.dev/podspec-dryrun":"enabled". - # See: https://knative.dev/docs/serving/feature-flags/#kubernetes-dry-run - kubernetes.podspec-dryrun: "allowed" - - # Controls whether tag header based routing feature are enabled or not. - # 1. Enabled: enabling tag header based routing - # 2. Disabled: disabling tag header based routing - # See: https://knative.dev/docs/serving/feature-flags/#tag-header-based-routing - tag-header-based-routing: "disabled" - - # Controls whether http2 auto-detection should be enabled or not. - # 1. Enabled: http2 connection will be attempted via upgrade. - # 2. Disabled: http2 connection will only be attempted when port name is set to "h2c". - autodetect-http2: "disabled" - - # Controls whether volume support for EmptyDir is enabled or not. - # 1. Enabled: enabling EmptyDir volume support - # 2. Disabled: disabling EmptyDir volume support - kubernetes.podspec-volumes-emptydir: "enabled" - - # Controls whether init containers support is enabled or not. - # 1. Enabled: enabling init containers support - # 2. Disabled: disabling init containers support - kubernetes.podspec-init-containers: "disabled" - - # Controls whether persistent volume claim support is enabled or not. - # 1. Enabled: enabling persistent volume claim support - # 2. Disabled: disabling persistent volume claim support - kubernetes.podspec-persistent-volume-claim: "disabled" - - # Controls whether write access for persistent volumes is enabled or not. - # 1. Enabled: enabling write access for persistent volumes - # 2. Disabled: disabling write access for persistent volumes - kubernetes.podspec-persistent-volume-write: "disabled" - - # Controls if the queue proxy podInfo feature is enabled, allowed or disabled - # - # This feature should be enabled/allowed when using queue proxy Options (Extensions) - # Enabling will mount a podInfo volume to the queue proxy container. - # The volume will contains an 'annotations' file (from the pod's annotation field). - # The annotations in this file include the Service annotations set by the client creating the service. - # If mounted, the annotations can be accessed by queue proxy extensions at /etc/podinfo/annnotations - # - # 1. "enabled": always mount a podInfo volume - # 2. "disabled": never mount a podInfo volume - # 3. "allowed": by default, do not mount a podInfo volume - # However, a client may mount the podInfo volume on an individual Service by attaching - # the following metadata annotation to the Service: "features.knative.dev/queueproxy-podinfo":"enabled". - # - # NOTE THAT THIS IS AN EXPERIMENTAL / ALPHA FEATURE - queueproxy.mount-podinfo: "disabled" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-gc - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.5" - annotations: - knative.dev/example-checksum: "aa3813a8" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # --------------------------------------- - # Garbage Collector Settings - # --------------------------------------- - # - # Active - # * Revisions which are referenced by a Route are considered active. - # * Individual revisions may be marked with the annotation - # "serving.knative.dev/no-gc":"true" to be permanently considered active. - # * Active revisions are not considered for GC. - # Retention - # * Revisions are retained if they are any of the following: - # 1. Active - # 2. Were created within "retain-since-create-time" - # 3. Were last referenced by a route within - # "retain-since-last-active-time" - # 4. There are fewer than "min-non-active-revisions" - # If none of these conditions are met, or if the count of revisions exceed - # "max-non-active-revisions", they will be deleted by GC. - # The special value "disabled" may be used to turn off these limits. - # - # Example config to immediately collect any inactive revision: - # min-non-active-revisions: "0" - # max-non-active-revisions: "0" - # retain-since-create-time: "disabled" - # retain-since-last-active-time: "disabled" - # - # Example config to always keep around the last ten non-active revisions: - # retain-since-create-time: "disabled" - # retain-since-last-active-time: "disabled" - # max-non-active-revisions: "10" - # - # Example config to disable all garbage collection: - # retain-since-create-time: "disabled" - # retain-since-last-active-time: "disabled" - # max-non-active-revisions: "disabled" - # - # Example config to keep recently deployed or active revisions, - # always maintain the last two in case of rollback, and prevent - # burst activity from exploding the count of old revisions: - # retain-since-create-time: "48h" - # retain-since-last-active-time: "15h" - # min-non-active-revisions: "2" - # max-non-active-revisions: "1000" - - # Duration since creation before considering a revision for GC or "disabled". - retain-since-create-time: "48h" - - # Duration since active before considering a revision for GC or "disabled". - retain-since-last-active-time: "15h" - - # Minimum number of non-active revisions to retain. - min-non-active-revisions: "20" - - # Maximum number of non-active revisions to retain - # or "disabled" to disable any maximum limit. - max-non-active-revisions: "1000" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-leader-election - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: controller - app.kubernetes.io/version: "1.8.5" - annotations: - knative.dev/example-checksum: "f4b71f57" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # lease-duration is how long non-leaders will wait to try to acquire the - # lock; 15 seconds is the value used by core kubernetes controllers. - lease-duration: "60s" - - # renew-deadline is how long a leader will try to renew the lease before - # giving up; 10 seconds is the value used by core kubernetes controllers. - renew-deadline: "40s" - - # retry-period is how long the leader election client waits between tries of - # actions; 2 seconds is the value used by core kubernetes controllers. - retry-period: "10s" - - # buckets is the number of buckets used to partition key space of each - # Reconciler. If this number is M and the replica number of the controller - # is N, the N replicas will compete for the M buckets. The owner of a - # bucket will take care of the reconciling for the keys partitioned into - # that bucket. - buckets: "1" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-logging - namespace: knative-serving - labels: - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/component: logging - app.kubernetes.io/name: knative-serving - annotations: - knative.dev/example-checksum: "b0f3c6f2" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # Common configuration for all Knative codebase - zap-logger-config: | - { - "level": "info", - "development": false, - "outputPaths": ["stdout"], - "errorOutputPaths": ["stderr"], - "encoding": "json", - "encoderConfig": { - "timeKey": "timestamp", - "levelKey": "severity", - "nameKey": "logger", - "callerKey": "caller", - "messageKey": "message", - "stacktraceKey": "stacktrace", - "lineEnding": "", - "levelEncoder": "", - "timeEncoder": "iso8601", - "durationEncoder": "", - "callerEncoder": "" - } - } - - # Log level overrides - # For all components except the queue proxy, - # changes are picked up immediately. - # For queue proxy, changes require recreation of the pods. - loglevel.controller: "info" - loglevel.autoscaler: "info" - loglevel.queueproxy: "info" - loglevel.webhook: "info" - loglevel.activator: "info" - loglevel.hpaautoscaler: "info" - loglevel.net-certmanager-controller: "info" - loglevel.net-istio-controller: "info" - loglevel.net-contour-controller: "info" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-network - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.5" - annotations: - knative.dev/example-checksum: "73d96d1b" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # ingress-class specifies the default ingress class - # to use when not dictated by Route annotation. - # - # If not specified, will use the Istio ingress. - # - # Note that changing the Ingress class of an existing Route - # will result in undefined behavior. Therefore it is best to only - # update this value during the setup of Knative, to avoid getting - # undefined behavior. - ingress-class: "istio.ingress.networking.knative.dev" - - # certificate-class specifies the default Certificate class - # to use when not dictated by Route annotation. - # - # If not specified, will use the Cert-Manager Certificate. - # - # Note that changing the Certificate class of an existing Route - # will result in undefined behavior. Therefore it is best to only - # update this value during the setup of Knative, to avoid getting - # undefined behavior. - certificate-class: "cert-manager.certificate.networking.knative.dev" - - # namespace-wildcard-cert-selector specifies a LabelSelector which - # determines which namespaces should have a wildcard certificate - # provisioned. - # - # Use an empty value to disable the feature (this is the default): - # namespace-wildcard-cert-selector: "" - # - # Use an empty object to enable for all namespaces - # namespace-wildcard-cert-selector: {} - # - # Useful labels include the "kubernetes.io/metadata.name" label to - # avoid provisioning a certifcate for the "kube-system" namespaces. - # Use the following selector to match pre-1.0 behavior of using - # "networking.knative.dev/disableWildcardCert" to exclude namespaces: - # - # matchExpressions: - # - key: "networking.knative.dev/disableWildcardCert" - # operator: "NotIn" - # values: ["true"] - namespace-wildcard-cert-selector: "" - - # domain-template specifies the golang text template string to use - # when constructing the Knative service's DNS name. The default - # value is "{{.Name}}.{{.Namespace}}.{{.Domain}}". - # - # Valid variables defined in the template include Name, Namespace, Domain, - # Labels, and Annotations. Name will be the result of the tagTemplate - # below, if a tag is specified for the route. - # - # Changing this value might be necessary when the extra levels in - # the domain name generated is problematic for wildcard certificates - # that only support a single level of domain name added to the - # certificate's domain. In those cases you might consider using a value - # of "{{.Name}}-{{.Namespace}}.{{.Domain}}", or removing the Namespace - # entirely from the template. When choosing a new value be thoughtful - # of the potential for conflicts - for example, when users choose to use - # characters such as `-` in their service, or namespace, names. - # {{.Annotations}} or {{.Labels}} can be used for any customization in the - # go template if needed. - # We strongly recommend keeping namespace part of the template to avoid - # domain name clashes: - # eg. '{{.Name}}-{{.Namespace}}.{{ index .Annotations "sub"}}.{{.Domain}}' - # and you have an annotation {"sub":"foo"}, then the generated template - # would be {Name}-{Namespace}.foo.{Domain} - domain-template: "{{.Name}}.{{.Namespace}}.{{.Domain}}" - - # tagTemplate specifies the golang text template string to use - # when constructing the DNS name for "tags" within the traffic blocks - # of Routes and Configuration. This is used in conjunction with the - # domainTemplate above to determine the full URL for the tag. - tag-template: "{{.Tag}}-{{.Name}}" - - # Controls whether TLS certificates are automatically provisioned and - # installed in the Knative ingress to terminate external TLS connection. - # 1. Enabled: enabling auto-TLS feature. - # 2. Disabled: disabling auto-TLS feature. - auto-tls: "Disabled" - - # Controls the behavior of the HTTP endpoint for the Knative ingress. - # It requires autoTLS to be enabled. - # 1. Enabled: The Knative ingress will be able to serve HTTP connection. - # 2. Redirected: The Knative ingress will send a 301 redirect for all - # http connections, asking the clients to use HTTPS. - # - # "Disabled" option is deprecated. - http-protocol: "Enabled" - - # rollout-duration contains the minimal duration in seconds over which the - # Configuration traffic targets are rolled out to the newest revision. - rollout-duration: "0" - - # autocreate-cluster-domain-claims controls whether ClusterDomainClaims should - # be automatically created (and deleted) as needed when DomainMappings are - # reconciled. - # - # If this is "false" (the default), the cluster administrator is - # responsible for creating ClusterDomainClaims and delegating them to - # namespaces via their spec.Namespace field. This setting should be used in - # multitenant environments which need to control which namespace can use a - # particular domain name in a domain mapping. - # - # If this is "true", users are able to associate arbitrary names with their - # services via the DomainMapping feature. - autocreate-cluster-domain-claims: "false" - - # If true, networking plugins can add additional information to deployed - # applications to make their pods directly accessible via their IPs even if mesh is - # enabled and thus direct-addressability is usually not possible. - # Consumers like Knative Serving can use this setting to adjust their behavior - # accordingly, i.e. to drop fallback solutions for non-pod-addressable systems. - # - # NOTE: This flag is in an alpha state and is mostly here to enable internal testing - # for now. Use with caution. - enable-mesh-pod-addressability: "false" - - # mesh-compatibility-mode indicates whether consumers of network plugins - # should directly contact Pod IPs (most efficient), or should use the - # Cluster IP (less efficient, needed when mesh is enabled unless - # `enable-mesh-pod-addressability`, above, is set). - # Permitted values are: - # - "auto" (default): automatically determine which mesh mode to use by trying Pod IP and falling back to Cluster IP as needed. - # - "enabled": always use Cluster IP and do not attempt to use Pod IPs. - # - "disabled": always use Pod IPs and do not fall back to Cluster IP on failure. - mesh-compatibility-mode: "auto" - - # Defines the scheme used for external URLs if autoTLS is not enabled. - # This can be used for making Knative report all URLs as "HTTPS" for example, if you're - # fronting Knative with an external loadbalancer that deals with TLS termination and - # Knative doesn't know about that otherwise. - default-external-scheme: "http" - - # internal-encryption indicates whether internal traffic is encrypted or not. - # If this is "true", the following traffic are encrypted: - # - ingress to activator - # - ingress to queue-proxy - # - activator to queue-proxy - # - # NOTE: This flag is in an alpha state and is mostly here to enable internal testing - # for now. Use with caution. - internal-encryption: "false" - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-observability - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: observability - app.kubernetes.io/version: "1.8.5" - annotations: - knative.dev/example-checksum: "fed4756e" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - - # logging.enable-var-log-collection defaults to false. - # The fluentd daemon set will be set up to collect /var/log if - # this flag is true. - logging.enable-var-log-collection: "false" - - # logging.revision-url-template provides a template to use for producing the - # logging URL that is injected into the status of each Revision. - logging.revision-url-template: "http://logging.example.com/?revisionUID=${REVISION_UID}" - - # If non-empty, this enables queue proxy writing user request logs to stdout, excluding probe - # requests. - # NB: after 0.18 release logging.enable-request-log must be explicitly set to true - # in order for request logging to be enabled. - # - # The value determines the shape of the request logs and it must be a valid go text/template. - # It is important to keep this as a single line. Multiple lines are parsed as separate entities - # by most collection agents and will split the request logs into multiple records. - # - # The following fields and functions are available to the template: - # - # Request: An http.Request (see https://golang.org/pkg/net/http/#Request) - # representing an HTTP request received by the server. - # - # Response: - # struct { - # Code int // HTTP status code (see https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml) - # Size int // An int representing the size of the response. - # Latency float64 // A float64 representing the latency of the response in seconds. - # } - # - # Revision: - # struct { - # Name string // Knative revision name - # Namespace string // Knative revision namespace - # Service string // Knative service name - # Configuration string // Knative configuration name - # PodName string // Name of the pod hosting the revision - # PodIP string // IP of the pod hosting the revision - # } - # - logging.request-log-template: '{"httpRequest": {"requestMethod": "{{.Request.Method}}", "requestUrl": "{{js .Request.RequestURI}}", "requestSize": "{{.Request.ContentLength}}", "status": {{.Response.Code}}, "responseSize": "{{.Response.Size}}", "userAgent": "{{js .Request.UserAgent}}", "remoteIp": "{{js .Request.RemoteAddr}}", "serverIp": "{{.Revision.PodIP}}", "referer": "{{js .Request.Referer}}", "latency": "{{.Response.Latency}}s", "protocol": "{{.Request.Proto}}"}, "traceId": "{{index .Request.Header "X-B3-Traceid"}}"}' - - # If true, the request logging will be enabled. - # NB: up to and including Knative version 0.18 if logging.request-log-template is non-empty, this value - # will be ignored. - logging.enable-request-log: "false" - - # If true, this enables queue proxy writing request logs for probe requests to stdout. - # It uses the same template for user requests, i.e. logging.request-log-template. - logging.enable-probe-request-log: "false" - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or opencensus. - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. It enables queue proxy to send request metrics. - # Currently supported values: prometheus (the default), opencensus. - metrics.request-metrics-backend-destination: prometheus - - # profiling.enable indicates whether it is allowed to retrieve runtime profiling data from - # the pods via an HTTP server in the format expected by the pprof visualization tool. When - # enabled, the Knative Serving pods expose the profiling data on an alternate HTTP port 8008. - # The HTTP context root for profiling is then /debug/pprof/. - profiling.enable: "false" - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-tracing - namespace: knative-serving - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: tracing - app.kubernetes.io/version: "1.8.5" - annotations: - knative.dev/example-checksum: "26614636" -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this example block and unindented to be in the data block - # to actually change the configuration. - # - # This may be "zipkin" or "none" (default) - backend: "none" - - # URL to zipkin collector where traces are sent. - # This must be specified when backend is "zipkin" - zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" - - # Enable zipkin debug mode. This allows all spans to be sent to the server - # bypassing sampling. - debug: "false" - - # Percentage (0-1) of requests to trace - sample-rate: "0.1" - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: activator - namespace: knative-serving - labels: - app.kubernetes.io/component: activator - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" -spec: - minReplicas: 1 - maxReplicas: 20 - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: activator - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - # Percentage of the requested CPU - averageUtilization: 100 ---- -# Activator PDB. Currently we permit unavailability of 20% of tasks at the same time. -# Given the subsetting and that the activators are partially stateful systems, we want -# a slow rollout of the new versions and slow migration during node upgrades. -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: activator-pdb - namespace: knative-serving - labels: - app.kubernetes.io/component: activator - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" -spec: - minAvailable: 80% - selector: - matchLabels: - app: activator - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: activator - namespace: knative-serving - labels: - app.kubernetes.io/component: activator - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-serving -spec: - selector: - matchLabels: - app: activator - role: activator - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: activator - role: activator - app.kubernetes.io/component: activator - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - spec: - serviceAccountName: controller - containers: - - name: activator - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/activator@sha256:dfe093337af4487ef5ad58a20f31b523da70aa91e21750725db34f11a7d643fd - # The numbers are based on performance test results from - # https://github.com/knative/serving/issues/1625#issuecomment-511930023 - resources: - requests: - cpu: 300m - memory: 60Mi - limits: - cpu: 1000m - memory: 600Mi - env: - # Run Activator with GC collection when newly generated memory is 500%. - - name: GOGC - value: "500" - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/internal/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: http1 - containerPort: 8012 - - name: h2c - containerPort: 8013 - readinessProbe: - httpGet: - port: 8012 - httpHeaders: - - name: k-kubelet-probe - value: "activator" - periodSeconds: 5 - failureThreshold: 5 - livenessProbe: - httpGet: - port: 8012 - httpHeaders: - - name: k-kubelet-probe - value: "activator" - periodSeconds: 10 - failureThreshold: 12 - initialDelaySeconds: 15 - # The activator (often) sits on the dataplane, and may proxy long (e.g. - # streaming, websockets) requests. We give a long grace period for the - # activator to "lame duck" and drain outstanding requests before we - # forcibly terminate the pod (and outstanding connections). This value - # should be at least as large as the upper bound on the Revision's - # timeoutSeconds property to avoid servicing events disrupting - # connections. - terminationGracePeriodSeconds: 600 ---- -apiVersion: v1 -kind: Service -metadata: - name: activator-service - namespace: knative-serving - labels: - app: activator - app.kubernetes.io/component: activator - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-serving -spec: - selector: - app: activator - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: http - port: 80 - targetPort: 8012 - - name: http2 - port: 81 - targetPort: 8013 - - name: https - port: 443 - targetPort: 8112 - type: ClusterIP - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: autoscaler - namespace: knative-serving - labels: - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" -spec: - replicas: 1 - selector: - matchLabels: - app: autoscaler - strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 0 - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: autoscaler - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: autoscaler - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: autoscaler - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/autoscaler@sha256:53f24d86665c1db4767eefd4745cfbff6d7cae87de4f0fddf03d2e522ca20c6a - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 1000m - memory: 1000Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: websocket - containerPort: 8080 - readinessProbe: - httpGet: - port: 8080 - httpHeaders: - - name: k-kubelet-probe - value: "autoscaler" - livenessProbe: - httpGet: - port: 8080 - httpHeaders: - - name: k-kubelet-probe - value: "autoscaler" - failureThreshold: 6 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: autoscaler - app.kubernetes.io/component: autoscaler - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - name: autoscaler - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: http - port: 8080 - targetPort: 8080 - selector: - app: autoscaler - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: controller - namespace: knative-serving - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" -spec: - selector: - matchLabels: - app: controller - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - labels: - app: controller - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: controller - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: controller - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/controller@sha256:9d84d63307851a2581b787ae6a3293180e78665ced64111dc924d7a258f40f59 - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 1000m - memory: 1000Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/internal/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: controller - app.kubernetes.io/component: controller - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - name: controller - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - selector: - app: controller - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: domain-mapping - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" -spec: - selector: - matchLabels: - app: domain-mapping - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - labels: - app: domain-mapping - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: domain-mapping - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: domain-mapping - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/domain-mapping@sha256:9e77a8e1d9b755ff160cc7784a7f95fae12f1378c2eb00dcbb3c0343a92e73bb - resources: - requests: - cpu: 30m - memory: 40Mi - limits: - cpu: 300m - memory: 400Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: domainmapping-webhook - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" -spec: - selector: - matchLabels: - app: domainmapping-webhook - role: domainmapping-webhook - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: domainmapping-webhook - role: domainmapping-webhook - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: domainmapping-webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: domainmapping-webhook - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/domain-mapping-webhook@sha256:ece64767c8fd47a8e929631714fe8b89b515c508c19a6dd698f80d6cf69a1e4f - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 500m - memory: 500Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: WEBHOOK_PORT - value: "8443" - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - failureThreshold: 6 - initialDelaySeconds: 20 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - role: domainmapping-webhook - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - name: domainmapping-webhook - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: domainmapping-webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: webhook - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" -spec: - minReplicas: 1 - maxReplicas: 5 - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: webhook - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - # Percentage of the requested CPU - averageUtilization: 100 ---- -# Webhook PDB. -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: webhook-pdb - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" -spec: - minAvailable: 80% - selector: - matchLabels: - app: webhook - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: webhook - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-serving -spec: - selector: - matchLabels: - app: webhook - role: webhook - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app: webhook - role: webhook - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-serving - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: webhook - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/webhook@sha256:2d720d2a433d1dd2bcbcdae6ac2433fa01a79adff0752e9212389fcd7cada070 - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 500m - memory: 500Mi - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - - name: WEBHOOK_NAME - value: webhook - - name: WEBHOOK_PORT - value: "8443" - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/internal/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - - name: https-webhook - containerPort: 8443 - readinessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: 8443 - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - failureThreshold: 6 - initialDelaySeconds: 20 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - role: webhook - app.kubernetes.io/component: webhook - app.kubernetes.io/version: "1.8.5" - app.kubernetes.io/name: knative-serving - name: webhook - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - - name: https-webhook - port: 443 - targetPort: 8443 - selector: - role: webhook - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: config.webhook.serving.knative.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: config.webhook.serving.knative.dev - objectSelector: - matchExpressions: - - key: app.kubernetes.io/name - operator: In - values: ["knative-serving"] - - key: app.kubernetes.io/component - operator: In - values: ["autoscaler", "controller", "logging", "networking", "observability", "tracing"] - timeoutSeconds: 10 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.serving.knative.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: webhook.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - autoscaling.internal.knative.dev - - networking.internal.knative.dev - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - scope: "*" - resources: - - metrics - - podautoscalers - - certificates - - ingresses - - serverlessservices - - configurations - - revisions - - routes - - services - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: webhook.domainmapping.serving.knative.dev - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: domainmapping-webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: webhook.domainmapping.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - scope: "*" - resources: - - domainmappings - - domainmappings/status - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: domainmapping-webhook-certs - namespace: knative-serving - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" -# The data is populated at install time. - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.domainmapping.serving.knative.dev - labels: - app.kubernetes.io/component: domain-mapping - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: domainmapping-webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: validation.webhook.domainmapping.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - - DELETE - scope: "*" - resources: - - domainmappings - - domainmappings/status - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.serving.knative.dev - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" -webhooks: - - admissionReviewVersions: ["v1", "v1beta1"] - clientConfig: - service: - name: webhook - namespace: knative-serving - failurePolicy: Fail - sideEffects: None - name: validation.webhook.serving.knative.dev - timeoutSeconds: 10 - rules: - - apiGroups: - - autoscaling.internal.knative.dev - - networking.internal.knative.dev - - serving.knative.dev - apiVersions: - - "*" - operations: - - CREATE - - UPDATE - - DELETE - scope: "*" - resources: - - metrics - - podautoscalers - - certificates - - ingresses - - serverlessservices - - configurations - - revisions - - routes - - services - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: webhook-certs - namespace: knative-serving - labels: - app.kubernetes.io/component: webhook - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" -# The data is populated at install time. - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.5/3-serving-hpa.yaml b/cmd/operator/kodata/knative-serving/1.8.5/3-serving-hpa.yaml deleted file mode 100644 index e8ec100633..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.5/3-serving-hpa.yaml +++ /dev/null @@ -1,112 +0,0 @@ -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: autoscaler-hpa - namespace: knative-serving - labels: - autoscaling.knative.dev/autoscaler-provider: hpa - app.kubernetes.io/component: autoscaler-hpa - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" -spec: - selector: - matchLabels: - app: autoscaler-hpa - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - labels: - app: autoscaler-hpa - app.kubernetes.io/component: autoscaler-hpa - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: autoscaler-hpa - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: autoscaler-hpa - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/autoscaler-hpa@sha256:dce56329aded7edd36fcf75efe610fb1ca2bf661deabe9eee83ea93fcd0760ab - resources: - requests: - cpu: 30m - memory: 40Mi - limits: - cpu: 300m - memory: 400Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: autoscaler-hpa - autoscaling.knative.dev/autoscaler-provider: hpa - app.kubernetes.io/component: autoscaler-hpa - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.5" - name: autoscaler-hpa - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - selector: - app: autoscaler-hpa - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.5/4-serving-post-install-jobs.yaml b/cmd/operator/kodata/knative-serving/1.8.5/4-serving-post-install-jobs.yaml deleted file mode 100644 index c855443101..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.5/4-serving-post-install-jobs.yaml +++ /dev/null @@ -1,70 +0,0 @@ - ---- -# /tmp/knative.5qBkUvVw/tmp.9FR03dApvb/serving-storage-version-migration.yaml -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: batch/v1 -kind: Job -metadata: - generateName: storage-version-migration-serving- - namespace: knative-serving - labels: - app: storage-version-migration-serving - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.5" -spec: - ttlSecondsAfterFinished: 600 - backoffLimit: 10 - template: - metadata: - annotations: - sidecar.istio.io/inject: "false" - labels: - app: storage-version-migration-serving - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.5" - spec: - serviceAccountName: controller - restartPolicy: OnFailure - containers: - - name: migrate - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:2c36b9d1526d23e6210527d3024380df7dca4bf3887ee570f5b8b1914572ef34 - args: - - "services.serving.knative.dev" - - "configurations.serving.knative.dev" - - "revisions.serving.knative.dev" - - "routes.serving.knative.dev" - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 1000m - memory: 1000Mi - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.6/1-serving-crds.yaml b/cmd/operator/kodata/knative-serving/1.8.6/1-serving-crds.yaml deleted file mode 100644 index b06fe2e64d..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.6/1-serving-crds.yaml +++ /dev/null @@ -1,4032 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: certificates.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.6" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Certificate is responsible for provisioning a SSL certificate for the given hosts. It is a Knative abstraction for various SSL certificate provisioning solutions (such as cert-manager or self-signed SSL certificate). - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - dnsNames - - secretName - properties: - dnsNames: - description: DNSNames is a list of DNS names the Certificate could support. The wildcard format of DNSNames (e.g. *.default.example.com) is supported. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret resource to store the SSL certificate in. - type: string - status: - description: 'Status is the current state of the Certificate. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - http01Challenges: - description: HTTP01Challenges is a list of HTTP01 challenges that need to be fulfilled in order to get the TLS certificate.. - type: array - items: - description: HTTP01Challenge defines the status of a HTTP01 challenge that a certificate needs to fulfill. - type: object - properties: - serviceName: - description: ServiceName is the name of the service to serve HTTP01 challenge requests. - type: string - serviceNamespace: - description: ServiceNamespace is the namespace of the service to serve HTTP01 challenge requests. - type: string - servicePort: - description: ServicePort is the port of the service to serve HTTP01 challenge requests. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - url: - description: URL is the URL that the HTTP01 challenge is expected to serve on. - type: string - notAfter: - description: The expiration time of the TLS certificate stored in the secret named by this resource in spec.secretName. - type: string - format: date-time - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - names: - kind: Certificate - plural: certificates - singular: certificate - categories: - - knative-internal - - networking - shortNames: - - kcert - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: configurations.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" - knative.dev/crd-install: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Configuration - plural: configurations - singular: configuration - categories: - - all - - knative - - serving - shortNames: - - config - - cfg - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Configuration represents the "floating HEAD" of a linear history of Revisions. Users create new Revisions by updating the Configuration''s spec. The "latest created" revision''s name is available under status, as is the "latest ready" revision''s name. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#configuration' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ConfigurationSpec holds the desired state of the Configuration (from the client). - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: ConfigurationStatus communicates the observed state of the Configuration (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusterdomainclaims.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.6" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: ClusterDomainClaim is a cluster-wide reservation for a particular domain name. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ClusterDomainClaim. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - namespace - properties: - namespace: - description: Namespace is the namespace which is allowed to create a DomainMapping using this ClusterDomainClaim's name. - type: string - names: - kind: ClusterDomainClaim - plural: clusterdomainclaims - singular: clusterdomainclaim - categories: - - knative-internal - - networking - shortNames: - - cdc - scope: Cluster - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: domainmappings.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - versions: - - name: v1beta1 - served: true - storage: false - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - "schema": - "openAPIV3Schema": - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: DomainMapping is a mapping from a custom hostname to an Addressable. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - ref - properties: - ref: - description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services." - type: object - required: - - kind - - name - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - tls: - description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret. - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the existing secret used to terminate TLS traffic. - type: string - status: - description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - address: - description: Address holds the information needed for a DomainMapping to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - url: - description: URL is the URL of this DomainMapping. - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: DomainMapping - plural: domainmappings - singular: domainmapping - categories: - - all - - knative - - serving - shortNames: - - dm - scope: Namespaced - ---- -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: ingresses.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.6" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable URLs, load balance traffic, offer name based virtual hosting, etc. \n This is heavily based on K8s Ingress https://godoc.org/k8s.io/api/networking/v1beta1#Ingress which some highlighted modifications." - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - httpOption: - description: 'HTTPOption is the option of HTTP. It has the following two values: `HTTPOptionEnabled`, `HTTPOptionRedirected`' - type: string - rules: - description: A list of host rules used to configure the Ingress. - type: array - items: - description: IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue. - type: object - properties: - hosts: - description: 'Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the "host" part of the URI as defined in the RFC: 1. IPs are not allowed. Currently a rule value can only apply to the IP in the Spec of the parent . 2. The `:` delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue. If multiple matching Hosts were provided, the first rule will take precedent.' - type: array - items: - type: string - http: - description: HTTP represents a rule to apply against incoming requests. If the rule is satisfied, the request is routed to the specified backend. - type: object - required: - - paths - properties: - paths: - description: "A collection of paths that map requests to backends. \n If they are multiple matching paths, the first match takes precedence." - type: array - items: - description: HTTPIngressPath associates a path regex with a backend. Incoming URLs matching the path are forwarded to the backend. - type: object - required: - - splits - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - headers: - description: Headers defines header matching rules which is a map from a header name to HeaderMatch which specify a matching condition. When a request matched with all the header matching rules, the request is routed by the corresponding ingress rule. If it is empty, the headers are not used for matching - type: object - additionalProperties: - description: HeaderMatch represents a matching value of Headers in HTTPIngressPath. Currently, only the exact matching is supported. - type: object - required: - - exact - properties: - exact: - type: string - path: - description: Path represents a literal prefix to which this rule should apply. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a '/'. If unspecified, the path defaults to a catch all sending traffic to the backend. - type: string - rewriteHost: - description: "RewriteHost rewrites the incoming request's host header. \n This field is currently experimental and not supported by all Ingress implementations." - type: string - splits: - description: Splits defines the referenced service endpoints to which the traffic will be forwarded to. - type: array - items: - description: IngressBackendSplit describes all endpoints for a given service and port. - type: object - required: - - serviceName - - serviceNamespace - - servicePort - properties: - appendHeaders: - description: "AppendHeaders allow specifying additional HTTP headers to add before forwarding a request to the destination service. \n NOTE: This differs from K8s Ingress which doesn't allow header appending." - type: object - additionalProperties: - type: string - percent: - description: "Specifies the split percentage, a number between 0 and 100. If only one split is specified, we default to 100. \n NOTE: This differs from K8s Ingress to allow percentage split." - type: integer - serviceName: - description: Specifies the name of the referenced service. - type: string - serviceNamespace: - description: "Specifies the namespace of the referenced service. \n NOTE: This differs from K8s Ingress to allow routing to different namespaces." - type: string - servicePort: - description: Specifies the port of the referenced service. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - visibility: - description: Visibility signifies whether this rule should `ClusterLocal`. If it's not specified then it defaults to `ExternalIP`. - type: string - tls: - description: 'TLS configuration. Currently Ingress only supports a single TLS port: 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.' - type: array - items: - description: IngressTLS describes the transport layer security associated with an Ingress. - type: object - properties: - hosts: - description: Hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret used to terminate SSL traffic. - type: string - secretNamespace: - description: SecretNamespace is the namespace of the secret used to terminate SSL traffic. If not set the namespace should be assumed to be the same as the Ingress. If set the secret should have the same namespace as the Ingress otherwise the behaviour is undefined and not supported. - type: string - status: - description: 'Status is the current state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateLoadBalancer: - description: PrivateLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - publicLoadBalancer: - description: PublicLoadBalancer contains the current status of the load-balancer. - type: object - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - type: array - items: - description: 'LoadBalancerIngressStatus represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - type: object - properties: - domain: - description: Domain is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - domainInternal: - description: "DomainInternal is set if there is a cluster-local DNS name to access the Ingress. \n NOTE: This differs from K8s Ingress, since we also desire to have a cluster-local DNS name to allow routing in case of not having a mesh." - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - meshOnly: - description: MeshOnly is set if the Ingress is only load-balanced through a Service mesh. - type: boolean - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: Ingress - plural: ingresses - singular: ingress - categories: - - knative-internal - - networking - shortNames: - - kingress - - king - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: metrics.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: Metric - plural: metrics - singular: metric - categories: - - knative-internal - - autoscaling - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: Metric represents a resource to configure the metric collector with. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Metric (from the client). - type: object - required: - - panicWindow - - scrapeTarget - - stableWindow - properties: - panicWindow: - description: PanicWindow is the aggregation window for metrics where quick reactions are needed. - type: integer - format: int64 - scrapeTarget: - description: ScrapeTarget is the K8s service that publishes the metric endpoint. - type: string - stableWindow: - description: StableWindow is the aggregation window for metrics in a stable state. - type: integer - format: int64 - status: - description: Status communicates the observed state of the Metric (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: podautoscalers.autoscaling.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" - knative.dev/crd-install: "true" -spec: - group: autoscaling.internal.knative.dev - names: - kind: PodAutoscaler - plural: podautoscalers - singular: podautoscaler - categories: - - knative-internal - - autoscaling - shortNames: - - kpa - - pa - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: DesiredScale - type: integer - jsonPath: ".status.desiredScale" - - name: ActualScale - type: integer - jsonPath: ".status.actualScale" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'PodAutoscaler is a Knative abstraction that encapsulates the interface by which Knative components instantiate autoscalers. This definition is an abstraction that may be backed by multiple definitions. For more information, see the Knative Pluggability presentation: https://docs.google.com/presentation/d/19vW9HFZ6Puxt31biNZF3uLRejDmu82rxJIk1cWmxF7w/edit' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the PodAutoscaler (from the client). - type: object - required: - - protocolType - - scaleTargetRef - properties: - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means unlimited concurrency. - type: integer - format: int64 - protocolType: - description: The application-layer protocol. Matches `ProtocolType` inferred from the revision spec. - type: string - reachability: - description: Reachability specifies whether or not the `ScaleTargetRef` can be reached (ie. has a route). Defaults to `ReachabilityUnknown` - type: string - scaleTargetRef: - description: ScaleTargetRef defines the /scale-able resource that this PodAutoscaler is responsible for quickly right-sizing. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - x-kubernetes-map-type: atomic - status: - description: Status communicates the observed state of the PodAutoscaler (from the controller). - type: object - required: - - metricsServiceName - - serviceName - properties: - actualScale: - description: ActualScale shows the actual number of replicas for the revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - desiredScale: - description: DesiredScale shows the current desired number of replicas for the revision. - type: integer - format: int32 - metricsServiceName: - description: MetricsServiceName is the K8s Service name that provides revision metrics. The service is managed by the PA object. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - serviceName: - description: ServiceName is the K8s Service name that serves the revision, scaled by this PA. The service is created and owned by the ServerlessService object owned by this PA. - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: revisions.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" - knative.dev/crd-install: "true" -spec: - group: serving.knative.dev - names: - kind: Revision - plural: revisions - singular: revision - categories: - - all - - knative - - serving - shortNames: - - rev - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: Config Name - type: string - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configuration']" - - name: K8s Service Name - type: string - jsonPath: ".status.serviceName" - - name: Generation - type: string # int in string form :( - jsonPath: ".metadata.labels['serving\\.knative\\.dev/configurationGeneration']" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - - name: Actual Replicas - type: integer - jsonPath: ".status.actualReplicas" - - name: Desired Replicas - type: integer - jsonPath: ".status.desiredReplicas" - schema: - openAPIV3Schema: - description: "Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#revision" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - status: - description: RevisionStatus communicates the observed state of the Revision (from the controller). - type: object - properties: - actualReplicas: - description: ActualReplicas reflects the amount of ready pods running this revision. - type: integer - format: int32 - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - containerStatuses: - description: 'ContainerStatuses is a slice of images present in .Spec.Container[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - desiredReplicas: - description: DesiredReplicas reflects the desired amount of pods running this revision. - type: integer - format: int32 - initContainerStatuses: - description: 'InitContainerStatuses is a slice of images present in .Spec.InitContainer[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests' - type: array - items: - description: ContainerStatus holds the information of container name and image digest value - type: object - properties: - imageDigest: - type: string - name: - type: string - logUrl: - description: LogURL specifies the generated logging url for this particular revision based on the revision url template specified in the controller's config. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: routes.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" -spec: - group: serving.knative.dev - names: - kind: Route - plural: routes - singular: route - categories: - - all - - knative - - serving - shortNames: - - rt - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: 'Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready revision" changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#route' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Route (from the client). - type: object - properties: - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: Status communicates the observed state of the Route (from the controller). - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: serverlessservices.networking.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: networking - app.kubernetes.io/version: "1.8.6" - knative.dev/crd-install: "true" -spec: - group: networking.internal.knative.dev - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: 'ServerlessService is a proxy for the K8s service objects containing the endpoints for the revision, whether those are endpoints of the activator or revision pods. See: https://knative.page.link/naxz for details.' - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Spec is the desired state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - required: - - objectRef - - protocolType - properties: - mode: - description: Mode describes the mode of operation of the ServerlessService. - type: string - numActivators: - description: NumActivators contains number of Activators that this revision should be assigned. O means — assign all. - type: integer - format: int32 - objectRef: - description: ObjectRef defines the resource that this ServerlessService is responsible for making "serverless". - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - x-kubernetes-map-type: atomic - protocolType: - description: The application-layer protocol. Matches `RevisionProtocolType` set on the owning pa/revision. serving imports networking, so just use string. - type: string - status: - description: 'Status is the current state of the ServerlessService. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - privateServiceName: - description: PrivateServiceName holds the name of a core K8s Service resource that load balances over the user service pods backing this Revision. - type: string - serviceName: - description: ServiceName holds the name of a core K8s Service resource that load balances over the pods backing this Revision (activator or revision). - type: string - additionalPrinterColumns: - - name: Mode - type: string - jsonPath: ".spec.mode" - - name: Activators - type: integer - jsonPath: ".spec.numActivators" - - name: ServiceName - type: string - jsonPath: ".status.serviceName" - - name: PrivateServiceName - type: string - jsonPath: ".status.privateServiceName" - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - names: - kind: ServerlessService - plural: serverlessservices - singular: serverlessservice - categories: - - knative-internal - - networking - shortNames: - - sks - scope: Namespaced - ---- -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: services.serving.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" - knative.dev/crd-install: "true" - duck.knative.dev/addressable: "true" - duck.knative.dev/podspecable: "true" -spec: - group: serving.knative.dev - names: - kind: Service - plural: services - singular: service - categories: - - all - - knative - - serving - shortNames: - - kservice - - ksvc - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.url - - name: LatestCreated - type: string - jsonPath: .status.latestCreatedRevisionName - - name: LatestReady - type: string - jsonPath: .status.latestReadyRevisionName - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type=='Ready')].reason" - schema: - openAPIV3Schema: - description: "Service acts as a top-level container that manages a Route and Configuration which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets), and its usage is optional but recommended. \n The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service" - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceSpec represents the configuration for the Service object. A Service's specification is the union of the specifications for a Route and Configuration. The Service restricts what can be expressed in these fields, e.g. the Route must reference the provided Configuration; however, these limitations also enable friendlier defaulting, e.g. Route never needs a Configuration name, and may be defaulted to the appropriate "run latest" spec. - type: object - properties: - template: - description: Template holds the latest specification for the Revision to be stamped out. - type: object - properties: - metadata: - type: object - properties: - annotations: - type: object - additionalProperties: - type: string - finalizers: - type: array - items: - type: string - labels: - type: object - additionalProperties: - type: string - name: - type: string - namespace: - type: string - x-kubernetes-preserve-unknown-fields: true - spec: - description: RevisionSpec holds the desired state of the Revision (from the client). - type: object - required: - - containers - properties: - affinity: - description: This is accessible behind a feature flag - kubernetes.podspec-affinity - type: object - x-kubernetes-preserve-unknown-fields: true - automountServiceAccountToken: - description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - type: boolean - containerConcurrency: - description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. - type: integer - format: int64 - containers: - description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. - type: array - items: - description: A single application container that you want to run within a pod. - type: object - properties: - args: - description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - command: - description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - type: array - items: - type: string - env: - description: List of environment variables to set in the container. Cannot be updated. - type: array - items: - description: EnvVar represents an environment variable present in a Container. - type: object - required: - - name - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - type: object - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - fieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - resourceFieldRef: - description: This is accessible behind a feature flag - kubernetes.podspec-fieldref - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - envFrom: - description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. - type: array - items: - description: EnvFromSource represents the source of a set of ConfigMaps - type: object - properties: - configMapRef: - description: The ConfigMap to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - x-kubernetes-map-type: atomic - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - livenessProbe: - description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - name: - description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. - type: array - items: - description: ContainerPort represents a network port in a single container. - type: object - required: - - containerPort - properties: - containerPort: - description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. - type: integer - format: int32 - name: - description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - type: string - default: TCP - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: object - properties: - exec: - description: Exec specifies the action to take. - type: object - properties: - command: - description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - type: array - items: - type: string - failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. - type: integer - format: int32 - httpGet: - description: HTTPGet specifies the http request to perform. - type: object - properties: - host: - description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. - type: array - items: - description: HTTPHeader describes a custom header to be used in HTTP probes - type: object - required: - - name - - value - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - path: - description: Path to access on the HTTP server. - type: string - port: - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. Defaults to HTTP. - type: string - initialDelaySeconds: - description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - periodSeconds: - description: How often (in seconds) to perform the probe. - type: integer - format: int32 - successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - type: integer - format: int32 - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - type: object - properties: - host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' - type: string - port: - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - timeoutSeconds: - description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - type: integer - format: int32 - resources: - description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - securityContext: - description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - type: object - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. - type: object - properties: - add: - description: This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - drop: - description: Removed capabilities - type: array - items: - description: Capability represent POSIX capabilities type - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - runAsNonRoot: - description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. - type: integer - format: int64 - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - type: string - volumeMounts: - description: Pod volumes to mount into the container's filesystem. Cannot be updated. - type: array - items: - description: VolumeMount describes a mounting of a Volume within a container. - type: object - required: - - mountPath - - name - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - workingDir: - description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. - type: string - dnsConfig: - description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig - type: object - x-kubernetes-preserve-unknown-fields: true - dnsPolicy: - description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy - type: string - enableServiceLinks: - description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.' - type: boolean - hostAliases: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases - type: object - x-kubernetes-preserve-unknown-fields: true - idleTimeoutSeconds: - description: IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user's application. If unspecified, a system default will be provided. - type: integer - format: int64 - imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - initContainers: - description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-init-containers - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - priorityClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname - type: string - x-kubernetes-preserve-unknown-fields: true - responseStartTimeoutSeconds: - description: ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic. - type: integer - format: int64 - runtimeClassName: - description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname - type: string - x-kubernetes-preserve-unknown-fields: true - schedulerName: - description: This is accessible behind a feature flag - kubernetes.podspec-schedulername - type: string - x-kubernetes-preserve-unknown-fields: true - securityContext: - description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext - type: object - x-kubernetes-preserve-unknown-fields: true - serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' - type: string - timeoutSeconds: - description: TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided. - type: integer - format: int64 - tolerations: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-tolerations - type: object - x-kubernetes-preserve-unknown-fields: true - topologySpreadConstraints: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: array - items: - description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints - type: object - x-kubernetes-preserve-unknown-fields: true - volumes: - description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' - type: array - items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. - type: object - required: - - name - properties: - configMap: - description: configMap represents a configMap that should populate this volume - type: object - properties: - defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - emptyDir: - description: This is accessible behind a feature flag - kubernetes.podspec-emptydir - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - persistentVolumeClaim: - description: This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim - type: object - x-kubernetes-preserve-unknown-fields: true - projected: - description: projected items for all in one resources secrets, configmaps, and downward API - type: object - properties: - defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. - type: integer - format: int32 - sources: - description: sources is the list of volume projections - type: array - items: - description: Projection that may be projected along with other supported volume types - type: object - properties: - configMap: - description: configMap information about the configMap data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional specify whether the ConfigMap or its keys must be defined - type: boolean - x-kubernetes-map-type: atomic - secret: - description: secret information about the secret data to project - type: object - properties: - items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: optional field specify whether the Secret or its key must be defined - type: boolean - x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project - type: object - required: - - path - properties: - audience: - description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. - type: string - expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. - type: integer - format: int64 - path: - description: path is the path relative to the mount point of the file to project the token into. - type: string - secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: object - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. - type: array - items: - description: Maps a string key to a path within a volume. - type: object - required: - - key - - path - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - type: integer - format: int32 - path: - description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. - type: string - optional: - description: optional field specify whether the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - traffic: - description: Traffic specifies how to distribute traffic over a collection of revisions and configurations. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - status: - description: ServiceStatus represents the Status stanza of the Service resource. - type: object - properties: - address: - description: Address holds the information needed for a Route to be the target of an event. - type: object - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - latestCreatedRevisionName: - description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName. - type: string - latestReadyRevisionName: - description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True". - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - traffic: - description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. - type: array - items: - description: TrafficTarget holds a single entry of the routing table for a Route. - type: object - properties: - configurationName: - description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. - type: string - latestRevision: - description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. - type: boolean - percent: - description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration' - type: integer - format: int64 - revisionName: - description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. - type: string - tag: - description: Tag is optionally used to expose a dedicated url for referencing this target exclusively. - type: string - url: - description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.) - type: string - url: - description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix} - type: string - ---- -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: images.caching.internal.knative.dev - labels: - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" - knative.dev/crd-install: "true" -spec: - group: caching.internal.knative.dev - names: - kind: Image - plural: images - singular: image - categories: - - knative-internal - - caching - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Image is a Knative abstraction that encapsulates the interface by which Knative components express a desire to have a particular image cached. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds the desired state of the Image (from the client). - type: object - required: - - image - properties: - image: - description: Image is the name of the container image url to cache across the cluster. - type: string - imagePullSecrets: - description: ImagePullSecrets contains the names of the Kubernetes Secrets containing login information used by the Pods which will run this container. - type: array - items: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - type: object - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - x-kubernetes-map-type: atomic - serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount as which the Pods will run this container. This is potentially used to authenticate the image pull if the service account has attached pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' - type: string - status: - description: Status communicates the observed state of the Image (from the controller). - type: object - properties: - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - additionalProperties: - type: string - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - additionalPrinterColumns: - - name: Image - type: string - jsonPath: .spec.image - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.6/3-serving-hpa.yaml b/cmd/operator/kodata/knative-serving/1.8.6/3-serving-hpa.yaml deleted file mode 100644 index 3f64a05636..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.6/3-serving-hpa.yaml +++ /dev/null @@ -1,112 +0,0 @@ -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: autoscaler-hpa - namespace: knative-serving - labels: - autoscaling.knative.dev/autoscaler-provider: hpa - app.kubernetes.io/component: autoscaler-hpa - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" -spec: - selector: - matchLabels: - app: autoscaler-hpa - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - labels: - app: autoscaler-hpa - app.kubernetes.io/component: autoscaler-hpa - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: autoscaler-hpa - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: controller - containers: - - name: autoscaler-hpa - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/serving/cmd/autoscaler-hpa@sha256:9160e6a2d646a93b51f5068f655f3fec3674110232e3be73260dcc2dd0c1adcd - resources: - requests: - cpu: 30m - memory: 40Mi - limits: - cpu: 300m - memory: 400Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: CONFIG_OBSERVABILITY_NAME - value: config-observability - # TODO(https://github.com/knative/pkg/pull/953): Remove stackdriver specific config - - name: METRICS_DOMAIN - value: knative.dev/serving - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ports: - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: autoscaler-hpa - autoscaling.knative.dev/autoscaler-provider: hpa - app.kubernetes.io/component: autoscaler-hpa - app.kubernetes.io/name: knative-serving - app.kubernetes.io/version: "1.8.6" - name: autoscaler-hpa - namespace: knative-serving -spec: - ports: - # Define metrics and profiling for them to be accessible within service meshes. - - name: http-metrics - port: 9090 - targetPort: 9090 - - name: http-profiling - port: 8008 - targetPort: 8008 - selector: - app: autoscaler-hpa - ---- diff --git a/cmd/operator/kodata/knative-serving/1.8.6/4-serving-post-install-jobs.yaml b/cmd/operator/kodata/knative-serving/1.8.6/4-serving-post-install-jobs.yaml deleted file mode 100644 index 0b8b534576..0000000000 --- a/cmd/operator/kodata/knative-serving/1.8.6/4-serving-post-install-jobs.yaml +++ /dev/null @@ -1,70 +0,0 @@ - ---- -# /tmp/knative.8x2B5C3W/tmp.JJteTt0PBw/serving-storage-version-migration.yaml -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: batch/v1 -kind: Job -metadata: - generateName: storage-version-migration-serving- - namespace: knative-serving - labels: - app: storage-version-migration-serving - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.6" -spec: - ttlSecondsAfterFinished: 600 - backoffLimit: 10 - template: - metadata: - annotations: - sidecar.istio.io/inject: "false" - labels: - app: storage-version-migration-serving - app.kubernetes.io/name: knative-serving - app.kubernetes.io/component: storage-version-migration-job - app.kubernetes.io/version: "1.8.6" - spec: - serviceAccountName: controller - restartPolicy: OnFailure - containers: - - name: migrate - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate@sha256:24483f5ab8ca10f7cb4f740cb5075c3b06b676949921ee64c02cceb5c1aff7ef - args: - - "services.serving.knative.dev" - - "configurations.serving.knative.dev" - - "revisions.serving.knative.dev" - - "routes.serving.knative.dev" - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 1000m - memory: 1000Mi - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - ---- diff --git a/go.mod b/go.mod index c8b6432901..fa53ab1ad0 100644 --- a/go.mod +++ b/go.mod @@ -13,7 +13,7 @@ require ( gocloud.dev v0.22.0 golang.org/x/mod v0.13.0 golang.org/x/oauth2 v0.13.0 - google.golang.org/api v0.147.0 + google.golang.org/api v0.148.0 istio.io/api v0.0.0-20220420164308-b6a03a9e477e istio.io/client-go v1.13.3 k8s.io/api v0.27.6 @@ -21,10 +21,10 @@ require ( k8s.io/client-go v0.27.6 k8s.io/code-generator v0.27.6 k8s.io/utils v0.0.0-20230209194617-a36077c30491 - knative.dev/caching v0.0.0-20231017130712-54d0758671ef + knative.dev/caching v0.0.0-20231023174851-e3e39c3f4bff knative.dev/eventing v0.39.0 - knative.dev/hack v0.0.0-20231016131700-2c938d4918da - knative.dev/pkg v0.0.0-20231023151236-29775d7c9e5c + knative.dev/hack v0.0.0-20231025074238-d4af42e9b222 + knative.dev/pkg v0.0.0-20231023152443-b7a62c0b7003 knative.dev/serving v0.39.0 sigs.k8s.io/yaml v1.3.0 ) @@ -88,7 +88,7 @@ require ( github.com/kelseyhightower/envconfig v1.4.0 // indirect github.com/mailru/easyjson v0.7.7 // indirect github.com/mattn/go-ieproxy v0.0.1 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect + github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect @@ -100,7 +100,7 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/prometheus/client_golang v1.17.0 // indirect github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16 // indirect - github.com/prometheus/common v0.44.0 // indirect + github.com/prometheus/common v0.45.0 // indirect github.com/prometheus/procfs v0.11.1 // indirect github.com/prometheus/statsd_exporter v0.22.7 // indirect github.com/rickb777/date v1.13.0 // indirect @@ -128,8 +128,8 @@ require ( google.golang.org/appengine v1.6.7 // indirect google.golang.org/genproto v0.0.0-20231002182017-d307bd883b97 // indirect google.golang.org/genproto/googleapis/api v0.0.0-20231002182017-d307bd883b97 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20231009173412-8bfb1ae86b6c // indirect - google.golang.org/grpc v1.58.3 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20231012201019-e917dd12ba7a // indirect + google.golang.org/grpc v1.59.0 // indirect google.golang.org/protobuf v1.31.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect diff --git a/go.sum b/go.sum index f37b799cf4..2b0bbf7152 100644 --- a/go.sum +++ b/go.sum @@ -363,7 +363,7 @@ github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQA github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/glog v1.1.0 h1:/d3pCKDPWNnvIWe0vVUpNP32qc8U3PDVxySP/y360qE= +github.com/golang/glog v1.1.2 h1:DVjP2PbBOzHyzA+dn3WhHIq4NdVu3Q+pvivFICf/7fo= github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -583,8 +583,8 @@ github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzp github.com/mattn/goveralls v0.0.2/go.mod h1:8d1ZMHsd7fW6IRPKQh46F2WRpyib5/X4FOpevwGNQEw= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= -github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= -github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= +github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg= +github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= @@ -672,8 +672,8 @@ github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9 github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= github.com/prometheus/common v0.35.0/go.mod h1:phzohg0JFMnBEFGxTDbfu3QyL5GI8gTQJFhYO5B3mfA= github.com/prometheus/common v0.37.0/go.mod h1:phzohg0JFMnBEFGxTDbfu3QyL5GI8gTQJFhYO5B3mfA= -github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY= -github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY= +github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM= +github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY= github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= @@ -1168,8 +1168,8 @@ google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34q google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= -google.golang.org/api v0.147.0 h1:Can3FaQo9LlVqxJCodNmeZW/ib3/qKAY3rFeXiHo5gc= -google.golang.org/api v0.147.0/go.mod h1:pQ/9j83DcmPd/5C9e2nFOdjjNkDZ1G+zkbK2uvdkJMs= +google.golang.org/api v0.148.0 h1:HBq4TZlN4/1pNcu0geJZ/Q50vIwIXT532UIMYoo0vOs= +google.golang.org/api v0.148.0/go.mod h1:8/TBgwaKjfqTdacOJrOv2+2Q6fBDU1uHKK06oGSkxzU= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= @@ -1232,8 +1232,8 @@ google.golang.org/genproto v0.0.0-20231002182017-d307bd883b97 h1:SeZZZx0cP0fqUyA google.golang.org/genproto v0.0.0-20231002182017-d307bd883b97/go.mod h1:t1VqOqqvce95G3hIDCT5FeO3YUc6Q4Oe24L/+rNMxRk= google.golang.org/genproto/googleapis/api v0.0.0-20231002182017-d307bd883b97 h1:W18sezcAYs+3tDZX4F80yctqa12jcP1PUS2gQu1zTPU= google.golang.org/genproto/googleapis/api v0.0.0-20231002182017-d307bd883b97/go.mod h1:iargEX0SFPm3xcfMI0d1domjg0ZF4Aa0p2awqyxhvF0= -google.golang.org/genproto/googleapis/rpc v0.0.0-20231009173412-8bfb1ae86b6c h1:jHkCUWkseRf+W+edG5hMzr/Uh1xkDREY4caybAq4dpY= -google.golang.org/genproto/googleapis/rpc v0.0.0-20231009173412-8bfb1ae86b6c/go.mod h1:4cYg8o5yUbm77w8ZX00LhMVNl/YVBFJRYWDc0uYWMs0= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231012201019-e917dd12ba7a h1:a2MQQVoTo96JC9PMGtGBymLp7+/RzpFc2yX/9WfFg1c= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231012201019-e917dd12ba7a/go.mod h1:4cYg8o5yUbm77w8ZX00LhMVNl/YVBFJRYWDc0uYWMs0= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.0/go.mod h1:chYK+tFQF0nDUGJgXMSgLCQk3phJEuONr2DCgLDdAQM= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= @@ -1259,8 +1259,8 @@ google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAG google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= -google.golang.org/grpc v1.58.3 h1:BjnpXut1btbtgN/6sp+brB2Kbm2LjNXnidYujAVbSoQ= -google.golang.org/grpc v1.58.3/go.mod h1:tgX3ZQDlNJGU96V6yHh1T/JeoBQ2TXdr43YbYSsCJk0= +google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk= +google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -1389,16 +1389,16 @@ k8s.io/utils v0.0.0-20210819203725-bdf08cb9a70a/go.mod h1:jPW/WVKK9YHAvNhRxK0md/ k8s.io/utils v0.0.0-20210930125809-cb0fa318a74b/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20230209194617-a36077c30491 h1:r0BAOLElQnnFhE/ApUsg3iHdVYYPBjNSSOMowRZxxsY= k8s.io/utils v0.0.0-20230209194617-a36077c30491/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -knative.dev/caching v0.0.0-20231017130712-54d0758671ef h1:92Gn5HUcgMJ78mbSpkCfUxrCTHHZSnvjURk0YRCbUqo= -knative.dev/caching v0.0.0-20231017130712-54d0758671ef/go.mod h1:plGN+mIBKRtVxZ0vQeZ3Gt02RIaj0niwIMnQNkQHycw= +knative.dev/caching v0.0.0-20231023174851-e3e39c3f4bff h1:4vWbQsnE8nv9ugK/DpwDCZSiaMIUJ7NW0XCh0d8hXGw= +knative.dev/caching v0.0.0-20231023174851-e3e39c3f4bff/go.mod h1:oih9hU4xTM6wi16Wha7eSnk52MB7uDvMhC0C+g4hVrQ= knative.dev/eventing v0.39.0 h1:UlP5sSfxUzsFvdDF+T22EYoaz9LdITcha1oF898kLFw= knative.dev/eventing v0.39.0/go.mod h1:MlEiEcHALqZnu0OFMuWdJfjBzM7HlSJfk8pQbTcIy4o= -knative.dev/hack v0.0.0-20231016131700-2c938d4918da h1:xy+fvuz2LDOMsZ5UwXRaMF70NYUs9fsG+EF5/ierYBg= -knative.dev/hack v0.0.0-20231016131700-2c938d4918da/go.mod h1:yk2OjGDsbEnQjfxdm0/HJKS2WqTLEFg/N6nUs6Rqx3Q= +knative.dev/hack v0.0.0-20231025074238-d4af42e9b222 h1:xjfhm3OayDP+7n8cWnETiwG/TXsAeyKFQQsbxPlZ0WQ= +knative.dev/hack v0.0.0-20231025074238-d4af42e9b222/go.mod h1:yk2OjGDsbEnQjfxdm0/HJKS2WqTLEFg/N6nUs6Rqx3Q= knative.dev/networking v0.0.0-20231017124814-2a7676e912b7 h1:6+1icZuxiZO1paFZ4d/ysKWVG2M4WB7OxNJNyLG0P/E= knative.dev/networking v0.0.0-20231017124814-2a7676e912b7/go.mod h1:1gcHoIVG47ekQWjkddqRq+/7tWRh+CB9W4k/NAcdRbk= -knative.dev/pkg v0.0.0-20231023151236-29775d7c9e5c h1:xyPoEToTWeBdn6tinhLxXfnhJhTNQt5WzHiTNiFphRw= -knative.dev/pkg v0.0.0-20231023151236-29775d7c9e5c/go.mod h1:HHRXEd7ZlFpthgE+rwAZ6MUVnuJOAeolnaFSthXloUQ= +knative.dev/pkg v0.0.0-20231023152443-b7a62c0b7003 h1:oeJLBwgNdO+UE4McWemwj41lfTfnEl8eC/vhaWqx/ME= +knative.dev/pkg v0.0.0-20231023152443-b7a62c0b7003/go.mod h1:RE2nhTVkvAM+kK+q+US3Anv0+g4s8s87Fv+ZrQHCc60= knative.dev/serving v0.39.0 h1:NVt8WthHmFFMWZ3qpBblXt47del8qqrbCegqwGBVSwk= knative.dev/serving v0.39.0/go.mod h1:0QIp5mvgWa1oUC2MxMf+Q/JWgG8JhAsSdJKc6iTRlvE= nhooyr.io/websocket v1.8.6/go.mod h1:B70DZP8IakI65RVQ51MsWP/8jndNma26DVA/nFSCgW0= diff --git a/hack/update-codegen.sh b/hack/update-codegen.sh index 8a0e0f349b..11cc17c4ac 100755 --- a/hack/update-codegen.sh +++ b/hack/update-codegen.sh @@ -22,7 +22,7 @@ source $(dirname $0)/../vendor/knative.dev/hack/codegen-library.sh # If we run with -mod=vendor here, then generate-groups.sh looks for vendor files in the wrong place. export GOFLAGS=-mod= -readonly RELEASE_VERSION="v1.11" +readonly RELEASE_VERSION="v1.12" boilerplate="${REPO_ROOT_DIR}/hack/boilerplate/boilerplate.go.txt" diff --git a/pkg/reconciler/knativeserving/security/security_test.go b/pkg/reconciler/knativeserving/security/security_test.go index 7bef23ecd3..75cee1b428 100644 --- a/pkg/reconciler/knativeserving/security/security_test.go +++ b/pkg/reconciler/knativeserving/security/security_test.go @@ -43,7 +43,7 @@ func TestAppendTargetSecurityGuard(t *testing.T) { instance: servingv1beta1.KnativeServing{ Spec: servingv1beta1.KnativeServingSpec{ CommonSpec: base.CommonSpec{ - Version: "1.8.0", + Version: "1.12.0", }, Security: &servingv1beta1.SecurityConfigs{ SecurityGuard: base.SecurityGuardConfiguration{ diff --git a/pkg/reconciler/knativeserving/security/securityguard.go b/pkg/reconciler/knativeserving/security/securityguard.go index 85617c5b97..65ae6e1c8d 100644 --- a/pkg/reconciler/knativeserving/security/securityguard.go +++ b/pkg/reconciler/knativeserving/security/securityguard.go @@ -33,10 +33,10 @@ import ( var ( // SecurityGuardVersion is the hash map to maintain the relationship between knative version and the security guard version SecurityGuardVersion = map[string]string{ + "v1.12": "0.6", "v1.11": "0.6", "v1.10": "0.6", "v1.9": "0.6", - "v1.8": "0.6", } // QueueProxyMountPodInfoKey is the key for the QueueProxyMountPodInfo diff --git a/pkg/reconciler/knativeserving/security/testdata/kodata/knative-serving/1.8.0/serving-core.yaml b/pkg/reconciler/knativeserving/security/testdata/kodata/knative-serving/1.12.0/serving-core.yaml similarity index 100% rename from pkg/reconciler/knativeserving/security/testdata/kodata/knative-serving/1.8.0/serving-core.yaml rename to pkg/reconciler/knativeserving/security/testdata/kodata/knative-serving/1.12.0/serving-core.yaml diff --git a/test/e2e-common.sh b/test/e2e-common.sh index e70d2a08d2..d30f4e522d 100755 --- a/test/e2e-common.sh +++ b/test/e2e-common.sh @@ -23,9 +23,9 @@ readonly PREVIOUS_SERVING_RELEASE_VERSION="1.11" readonly PREVIOUS_EVENTING_RELEASE_VERSION="1.11" # The target serving/eventing release to upgrade, installed by the operator. It can be a release available under # kodata or an incoming new release. This value should be in the semantic format of major.minor. -readonly TARGET_RELEASE_VERSION="latest" +readonly TARGET_RELEASE_VERSION="1.12" # This is the branch name of knative repos, where we run the upgrade tests. -readonly KNATIVE_REPO_BRANCH="${PULL_BASE_REF}" +readonly KNATIVE_REPO_BRANCH="release-1.12" # Namespaces used for tests # This environment variable TEST_NAMESPACE defines the namespace to install Knative Serving. export TEST_NAMESPACE="${TEST_NAMESPACE:-knative-operator-testing}" diff --git a/third_party/VENDOR-LICENSE/github.com/matttproud/golang_protobuf_extensions/pbutil/LICENSE b/third_party/VENDOR-LICENSE/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/LICENSE similarity index 100% rename from third_party/VENDOR-LICENSE/github.com/matttproud/golang_protobuf_extensions/pbutil/LICENSE rename to third_party/VENDOR-LICENSE/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/LICENSE diff --git a/third_party/VENDOR-LICENSE/github.com/matttproud/golang_protobuf_extensions/pbutil/NOTICE b/third_party/VENDOR-LICENSE/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/NOTICE similarity index 100% rename from third_party/VENDOR-LICENSE/github.com/matttproud/golang_protobuf_extensions/pbutil/NOTICE rename to third_party/VENDOR-LICENSE/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/NOTICE diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/LICENSE b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/LICENSE similarity index 100% rename from vendor/github.com/matttproud/golang_protobuf_extensions/LICENSE rename to vendor/github.com/matttproud/golang_protobuf_extensions/v2/LICENSE diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/NOTICE b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/NOTICE similarity index 100% rename from vendor/github.com/matttproud/golang_protobuf_extensions/NOTICE rename to vendor/github.com/matttproud/golang_protobuf_extensions/v2/NOTICE diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/.gitignore b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/.gitignore similarity index 100% rename from vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/.gitignore rename to vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/.gitignore diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/Makefile b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/Makefile similarity index 100% rename from vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/Makefile rename to vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/Makefile diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/decode.go b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/decode.go similarity index 83% rename from vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/decode.go rename to vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/decode.go index 258c0636aa..7c08e564f1 100644 --- a/vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/decode.go +++ b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/decode.go @@ -19,9 +19,10 @@ import ( "errors" "io" - "github.com/golang/protobuf/proto" + "google.golang.org/protobuf/proto" ) +// TODO: Give error package name prefix in next minor release. var errInvalidVarint = errors.New("invalid varint32 encountered") // ReadDelimited decodes a message from the provided length-delimited stream, @@ -36,6 +37,12 @@ var errInvalidVarint = errors.New("invalid varint32 encountered") // of the stream has been reached in doing so. In that case, any subsequent // calls return (0, io.EOF). func ReadDelimited(r io.Reader, m proto.Message) (n int, err error) { + // TODO: Consider allowing the caller to specify a decode buffer in the + // next major version. + + // TODO: Consider using error wrapping to annotate error state in pass- + // through cases in the next minor version. + // Per AbstractParser#parsePartialDelimitedFrom with // CodedInputStream#readRawVarint32. var headerBuf [binary.MaxVarintLen32]byte @@ -53,15 +60,14 @@ func ReadDelimited(r io.Reader, m proto.Message) (n int, err error) { if err != nil { return bytesRead, err } - // A Reader should not return (0, nil), but if it does, - // it should be treated as no-op (according to the - // Reader contract). So let's go on... + // A Reader should not return (0, nil); but if it does, it should + // be treated as no-op according to the Reader contract. continue } bytesRead += newBytesRead // Now present everything read so far to the varint decoder and // see if a varint can be decoded already. - messageLength, varIntBytes = proto.DecodeVarint(headerBuf[:bytesRead]) + messageLength, varIntBytes = binary.Uvarint(headerBuf[:bytesRead]) } messageBuf := make([]byte, messageLength) diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/doc.go b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/doc.go similarity index 100% rename from vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/doc.go rename to vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/doc.go diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/encode.go b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/encode.go similarity index 91% rename from vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/encode.go rename to vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/encode.go index 8fb59ad226..e58dd9d297 100644 --- a/vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/encode.go +++ b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/encode.go @@ -18,7 +18,7 @@ import ( "encoding/binary" "io" - "github.com/golang/protobuf/proto" + "google.golang.org/protobuf/proto" ) // WriteDelimited encodes and dumps a message to the provided writer prefixed @@ -28,6 +28,9 @@ import ( // number of bytes written and any applicable error. This is roughly // equivalent to the companion Java API's MessageLite#writeDelimitedTo. func WriteDelimited(w io.Writer, m proto.Message) (n int, err error) { + // TODO: Consider allowing the caller to specify an encode buffer in the + // next major version. + buffer, err := proto.Marshal(m) if err != nil { return 0, err diff --git a/vendor/github.com/prometheus/common/expfmt/decode.go b/vendor/github.com/prometheus/common/expfmt/decode.go index 9063978151..0ca86a3dc7 100644 --- a/vendor/github.com/prometheus/common/expfmt/decode.go +++ b/vendor/github.com/prometheus/common/expfmt/decode.go @@ -22,7 +22,7 @@ import ( dto "github.com/prometheus/client_model/go" - "github.com/matttproud/golang_protobuf_extensions/pbutil" + "github.com/matttproud/golang_protobuf_extensions/v2/pbutil" "github.com/prometheus/common/model" ) diff --git a/vendor/github.com/prometheus/common/expfmt/encode.go b/vendor/github.com/prometheus/common/expfmt/encode.go index 7f611ffaad..ca21406000 100644 --- a/vendor/github.com/prometheus/common/expfmt/encode.go +++ b/vendor/github.com/prometheus/common/expfmt/encode.go @@ -18,7 +18,7 @@ import ( "io" "net/http" - "github.com/matttproud/golang_protobuf_extensions/pbutil" + "github.com/matttproud/golang_protobuf_extensions/v2/pbutil" "github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg" "google.golang.org/protobuf/encoding/prototext" diff --git a/vendor/google.golang.org/api/internal/version.go b/vendor/google.golang.org/api/internal/version.go index b0a50e8416..5fac05c085 100644 --- a/vendor/google.golang.org/api/internal/version.go +++ b/vendor/google.golang.org/api/internal/version.go @@ -5,4 +5,4 @@ package internal // Version is the current tagged release of the library. -const Version = "0.147.0" +const Version = "0.148.0" diff --git a/vendor/google.golang.org/api/storage/v1/storage-api.json b/vendor/google.golang.org/api/storage/v1/storage-api.json index adc2dc58bf..2af5c30f44 100644 --- a/vendor/google.golang.org/api/storage/v1/storage-api.json +++ b/vendor/google.golang.org/api/storage/v1/storage-api.json @@ -26,7 +26,7 @@ "description": "Stores and retrieves potentially large, immutable data objects.", "discoveryVersion": "v1", "documentationLink": "https://developers.google.com/storage/docs/json_api/", - "etag": "\"32313532343139313031303538363232393732\"", + "etag": "\"3133333835393639383131353638313238353437\"", "icons": { "x16": "https://www.google.com/images/icons/product/cloud_storage-16.png", "x32": "https://www.google.com/images/icons/product/cloud_storage-32.png" @@ -1144,6 +1144,301 @@ } } }, + "managedFolders": { + "methods": { + "delete": { + "description": "Permanently deletes a managed folder.", + "httpMethod": "DELETE", + "id": "storage.managedFolders.delete", + "parameterOrder": [ + "bucket", + "managedFolder" + ], + "parameters": { + "bucket": { + "description": "Name of the bucket containing the managed folder.", + "location": "path", + "required": true, + "type": "string" + }, + "ifMetagenerationMatch": { + "description": "If set, only deletes the managed folder if its metageneration matches this value.", + "format": "int64", + "location": "query", + "type": "string" + }, + "ifMetagenerationNotMatch": { + "description": "If set, only deletes the managed folder if its metageneration does not match this value.", + "format": "int64", + "location": "query", + "type": "string" + }, + "managedFolder": { + "description": "The managed folder name/path.", + "location": "path", + "required": true, + "type": "string" + } + }, + "path": "b/{bucket}/managedFolders/{managedFolder}", + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/devstorage.full_control", + "https://www.googleapis.com/auth/devstorage.read_write" + ] + }, + "get": { + "description": "Returns metadata of the specified managed folder.", + "httpMethod": "GET", + "id": "storage.managedFolders.get", + "parameterOrder": [ + "bucket", + "managedFolder" + ], + "parameters": { + "bucket": { + "description": "Name of the bucket containing the managed folder.", + "location": "path", + "required": true, + "type": "string" + }, + "ifMetagenerationMatch": { + "description": "Makes the return of the managed folder metadata conditional on whether the managed folder's current metageneration matches the given value.", + "format": "int64", + "location": "query", + "type": "string" + }, + "ifMetagenerationNotMatch": { + "description": "Makes the return of the managed folder metadata conditional on whether the managed folder's current metageneration does not match the given value.", + "format": "int64", + "location": "query", + "type": "string" + }, + "managedFolder": { + "description": "The managed folder name/path.", + "location": "path", + "required": true, + "type": "string" + } + }, + "path": "b/{bucket}/managedFolders/{managedFolder}", + "response": { + "$ref": "ManagedFolder" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only", + "https://www.googleapis.com/auth/devstorage.full_control", + "https://www.googleapis.com/auth/devstorage.read_only", + "https://www.googleapis.com/auth/devstorage.read_write" + ] + }, + "getIamPolicy": { + "description": "Returns an IAM policy for the specified managed folder.", + "httpMethod": "GET", + "id": "storage.managedFolders.getIamPolicy", + "parameterOrder": [ + "bucket", + "managedFolder" + ], + "parameters": { + "bucket": { + "description": "Name of the bucket containing the managed folder.", + "location": "path", + "required": true, + "type": "string" + }, + "managedFolder": { + "description": "The managed folder name/path.", + "location": "path", + "required": true, + "type": "string" + }, + "optionsRequestedPolicyVersion": { + "description": "The IAM policy format version to be returned. If the optionsRequestedPolicyVersion is for an older version that doesn't support part of the requested IAM policy, the request fails.", + "format": "int32", + "location": "query", + "minimum": "1", + "type": "integer" + }, + "userProject": { + "description": "The project to be billed for this request. Required for Requester Pays buckets.", + "location": "query", + "type": "string" + } + }, + "path": "b/{bucket}/managedFolders/{managedFolder}/iam", + "response": { + "$ref": "Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only", + "https://www.googleapis.com/auth/devstorage.full_control", + "https://www.googleapis.com/auth/devstorage.read_only", + "https://www.googleapis.com/auth/devstorage.read_write" + ] + }, + "insert": { + "description": "Creates a new managed folder.", + "httpMethod": "POST", + "id": "storage.managedFolders.insert", + "parameterOrder": [ + "bucket" + ], + "parameters": { + "bucket": { + "description": "Name of the bucket containing the managed folder.", + "location": "path", + "required": true, + "type": "string" + } + }, + "path": "b/{bucket}/managedFolders", + "request": { + "$ref": "ManagedFolder" + }, + "response": { + "$ref": "ManagedFolder" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/devstorage.full_control", + "https://www.googleapis.com/auth/devstorage.read_write" + ] + }, + "list": { + "description": "Lists managed folders in the given bucket.", + "httpMethod": "GET", + "id": "storage.managedFolders.list", + "parameterOrder": [ + "bucket" + ], + "parameters": { + "bucket": { + "description": "Name of the bucket containing the managed folder.", + "location": "path", + "required": true, + "type": "string" + }, + "pageSize": { + "description": "Maximum number of items return in a single page of responses.", + "format": "int32", + "location": "query", + "minimum": "0", + "type": "integer" + }, + "pageToken": { + "description": "A previously-returned page token representing part of the larger set of results to view.", + "location": "query", + "type": "string" + }, + "prefix": { + "description": "The managed folder name/path prefix to filter the output list of results.", + "location": "query", + "type": "string" + } + }, + "path": "b/{bucket}/managedFolders", + "response": { + "$ref": "ManagedFolders" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only", + "https://www.googleapis.com/auth/devstorage.full_control", + "https://www.googleapis.com/auth/devstorage.read_only", + "https://www.googleapis.com/auth/devstorage.read_write" + ] + }, + "setIamPolicy": { + "description": "Updates an IAM policy for the specified managed folder.", + "httpMethod": "PUT", + "id": "storage.managedFolders.setIamPolicy", + "parameterOrder": [ + "bucket", + "managedFolder" + ], + "parameters": { + "bucket": { + "description": "Name of the bucket containing the managed folder.", + "location": "path", + "required": true, + "type": "string" + }, + "managedFolder": { + "description": "The managed folder name/path.", + "location": "path", + "required": true, + "type": "string" + }, + "userProject": { + "description": "The project to be billed for this request. Required for Requester Pays buckets.", + "location": "query", + "type": "string" + } + }, + "path": "b/{bucket}/managedFolders/{managedFolder}/iam", + "request": { + "$ref": "Policy" + }, + "response": { + "$ref": "Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/devstorage.full_control" + ] + }, + "testIamPermissions": { + "description": "Tests a set of permissions on the given managed folder to see which, if any, are held by the caller.", + "httpMethod": "GET", + "id": "storage.managedFolders.testIamPermissions", + "parameterOrder": [ + "bucket", + "managedFolder", + "permissions" + ], + "parameters": { + "bucket": { + "description": "Name of the bucket containing the managed folder.", + "location": "path", + "required": true, + "type": "string" + }, + "managedFolder": { + "description": "The managed folder name/path.", + "location": "path", + "required": true, + "type": "string" + }, + "permissions": { + "description": "Permissions to test.", + "location": "query", + "repeated": true, + "required": true, + "type": "string" + }, + "userProject": { + "description": "The project to be billed for this request. Required for Requester Pays buckets.", + "location": "query", + "type": "string" + } + }, + "path": "b/{bucket}/managedFolders/{managedFolder}/iam/testPermissions", + "response": { + "$ref": "TestIamPermissionsResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only", + "https://www.googleapis.com/auth/devstorage.full_control", + "https://www.googleapis.com/auth/devstorage.read_only", + "https://www.googleapis.com/auth/devstorage.read_write" + ] + } + } + }, "notifications": { "methods": { "delete": { @@ -2175,6 +2470,11 @@ "location": "query", "type": "string" }, + "includeFoldersAsPrefixes": { + "description": "Only applicable if delimiter is set to '/'. If true, will also include folders and managed folders (besides objects) in the returned prefixes.", + "location": "query", + "type": "boolean" + }, "includeTrailingDelimiter": { "description": "If true, objects that end in exactly one instance of delimiter will have their metadata included in items in addition to prefixes.", "location": "query", @@ -3263,7 +3563,7 @@ } } }, - "revision": "20230926", + "revision": "20231012", "rootUrl": "https://storage.googleapis.com/", "schemas": { "Bucket": { @@ -4149,6 +4449,72 @@ }, "type": "object" }, + "ManagedFolder": { + "description": "A managed folder.", + "id": "ManagedFolder", + "properties": { + "bucket": { + "description": "The name of the bucket containing this managed folder.", + "type": "string" + }, + "createTime": { + "description": "The creation time of the managed folder in RFC 3339 format.", + "format": "date-time", + "type": "string" + }, + "id": { + "description": "The ID of the managed folder, including the bucket name and managed folder name.", + "type": "string" + }, + "kind": { + "default": "storage#managedFolder", + "description": "The kind of item this is. For managed folders, this is always storage#managedFolder.", + "type": "string" + }, + "metageneration": { + "description": "The version of the metadata for this managed folder. Used for preconditions and for detecting changes in metadata.", + "format": "int64", + "type": "string" + }, + "name": { + "description": "The name of the managed folder. Required if not specified by URL parameter.", + "type": "string" + }, + "selfLink": { + "description": "The link to this managed folder.", + "type": "string" + }, + "updateTime": { + "description": "The last update time of the managed folder metadata in RFC 3339 format.", + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "ManagedFolders": { + "description": "A list of managed folders.", + "id": "ManagedFolders", + "properties": { + "items": { + "description": "The list of items.", + "items": { + "$ref": "ManagedFolder" + }, + "type": "array" + }, + "kind": { + "default": "storage#managedFolders", + "description": "The kind of item this is. For lists of managed folders, this is always storage#managedFolders.", + "type": "string" + }, + "nextPageToken": { + "description": "The continuation token, used to page through large result sets. Provide this value in a subsequent request to return the next page of results.", + "type": "string" + } + }, + "type": "object" + }, "Notification": { "description": "A subscription to receive Google PubSub notifications.", "id": "Notification", @@ -4565,14 +4931,15 @@ "type": "object" }, "Policy": { - "description": "A bucket/object IAM policy.", + "description": "A bucket/object/managedFolder IAM policy.", "id": "Policy", "properties": { "bindings": { "annotations": { "required": [ "storage.buckets.setIamPolicy", - "storage.objects.setIamPolicy" + "storage.objects.setIamPolicy", + "storage.managedFolders.setIamPolicy" ] }, "description": "An association between a role, which comes with a set of permissions, and members who may assume that role.", @@ -4586,7 +4953,8 @@ "annotations": { "required": [ "storage.buckets.setIamPolicy", - "storage.objects.setIamPolicy" + "storage.objects.setIamPolicy", + "storage.managedFolders.setIamPolicy" ] }, "description": "A collection of identifiers for members who may assume the provided role. Recognized identifiers are as follows: \n- allUsers — A special identifier that represents anyone on the internet; with or without a Google account. \n- allAuthenticatedUsers — A special identifier that represents anyone who is authenticated with a Google account or a service account. \n- user:emailid — An email address that represents a specific account. For example, user:alice@gmail.com or user:joe@example.com. \n- serviceAccount:emailid — An email address that represents a service account. For example, serviceAccount:my-other-app@appspot.gserviceaccount.com . \n- group:emailid — An email address that represents a Google group. For example, group:admins@example.com. \n- domain:domain — A Google Apps domain name that represents all the users of that domain. For example, domain:google.com or domain:example.com. \n- projectOwner:projectid — Owners of the given project. For example, projectOwner:my-example-project \n- projectEditor:projectid — Editors of the given project. For example, projectEditor:my-example-project \n- projectViewer:projectid — Viewers of the given project. For example, projectViewer:my-example-project", @@ -4599,7 +4967,8 @@ "annotations": { "required": [ "storage.buckets.setIamPolicy", - "storage.objects.setIamPolicy" + "storage.objects.setIamPolicy", + "storage.managedFolders.setIamPolicy" ] }, "description": "The role to which members belong. Two types of roles are supported: new IAM roles, which grant permissions that do not map directly to those provided by ACLs, and legacy IAM roles, which do map directly to ACL permissions. All roles are of the format roles/storage.specificRole.\nThe new IAM roles are: \n- roles/storage.admin — Full control of Google Cloud Storage resources. \n- roles/storage.objectViewer — Read-Only access to Google Cloud Storage objects. \n- roles/storage.objectCreator — Access to create objects in Google Cloud Storage. \n- roles/storage.objectAdmin — Full control of Google Cloud Storage objects. The legacy IAM roles are: \n- roles/storage.legacyObjectReader — Read-only access to objects without listing. Equivalent to an ACL entry on an object with the READER role. \n- roles/storage.legacyObjectOwner — Read/write access to existing objects without listing. Equivalent to an ACL entry on an object with the OWNER role. \n- roles/storage.legacyBucketReader — Read access to buckets with object listing. Equivalent to an ACL entry on a bucket with the READER role. \n- roles/storage.legacyBucketWriter — Read access to buckets with object listing/creation/deletion. Equivalent to an ACL entry on a bucket with the WRITER role. \n- roles/storage.legacyBucketOwner — Read and write access to existing buckets with object listing/creation/deletion. Equivalent to an ACL entry on a bucket with the OWNER role.", @@ -4621,7 +4990,7 @@ "type": "string" }, "resourceId": { - "description": "The ID of the resource to which this policy belongs. Will be of the form projects/_/buckets/bucket for buckets, and projects/_/buckets/bucket/objects/object for objects. A specific generation may be specified by appending #generationNumber to the end of the object name, e.g. projects/_/buckets/my-bucket/objects/data.txt#17. The current generation can be denoted with #0. This field is ignored on input.", + "description": "The ID of the resource to which this policy belongs. Will be of the form projects/_/buckets/bucket for buckets, projects/_/buckets/bucket/objects/object for objects, and projects/_/buckets/bucket/managedFolders/managedFolder. A specific generation may be specified by appending #generationNumber to the end of the object name, e.g. projects/_/buckets/my-bucket/objects/data.txt#17. The current generation can be denoted with #0. This field is ignored on input.", "type": "string" }, "version": { @@ -4683,7 +5052,7 @@ "type": "object" }, "TestIamPermissionsResponse": { - "description": "A storage.(buckets|objects).testIamPermissions response.", + "description": "A storage.(buckets|objects|managedFolders).testIamPermissions response.", "id": "TestIamPermissionsResponse", "properties": { "kind": { @@ -4692,7 +5061,7 @@ "type": "string" }, "permissions": { - "description": "The permissions held by the caller. Permissions are always of the format storage.resource.capability, where resource is one of buckets or objects. The supported permissions are as follows: \n- storage.buckets.delete — Delete bucket. \n- storage.buckets.get — Read bucket metadata. \n- storage.buckets.getIamPolicy — Read bucket IAM policy. \n- storage.buckets.create — Create bucket. \n- storage.buckets.list — List buckets. \n- storage.buckets.setIamPolicy — Update bucket IAM policy. \n- storage.buckets.update — Update bucket metadata. \n- storage.objects.delete — Delete object. \n- storage.objects.get — Read object data and metadata. \n- storage.objects.getIamPolicy — Read object IAM policy. \n- storage.objects.create — Create object. \n- storage.objects.list — List objects. \n- storage.objects.setIamPolicy — Update object IAM policy. \n- storage.objects.update — Update object metadata.", + "description": "The permissions held by the caller. Permissions are always of the format storage.resource.capability, where resource is one of buckets, objects, or managedFolders. The supported permissions are as follows: \n- storage.buckets.delete — Delete bucket. \n- storage.buckets.get — Read bucket metadata. \n- storage.buckets.getIamPolicy — Read bucket IAM policy. \n- storage.buckets.create — Create bucket. \n- storage.buckets.list — List buckets. \n- storage.buckets.setIamPolicy — Update bucket IAM policy. \n- storage.buckets.update — Update bucket metadata. \n- storage.objects.delete — Delete object. \n- storage.objects.get — Read object data and metadata. \n- storage.objects.getIamPolicy — Read object IAM policy. \n- storage.objects.create — Create object. \n- storage.objects.list — List objects. \n- storage.objects.setIamPolicy — Update object IAM policy. \n- storage.objects.update — Update object metadata. \n- storage.managedFolders.delete — Delete managed folder. \n- storage.managedFolders.get — Read managed folder metadata. \n- storage.managedFolders.getIamPolicy — Read managed folder IAM policy. \n- storage.managedFolders.create — Create managed folder. \n- storage.managedFolders.list — List managed folders. \n- storage.managedFolders.setIamPolicy — Update managed folder IAM policy.", "items": { "type": "string" }, diff --git a/vendor/google.golang.org/api/storage/v1/storage-gen.go b/vendor/google.golang.org/api/storage/v1/storage-gen.go index e35440cc3b..2b2aa81ec0 100644 --- a/vendor/google.golang.org/api/storage/v1/storage-gen.go +++ b/vendor/google.golang.org/api/storage/v1/storage-gen.go @@ -159,6 +159,7 @@ func New(client *http.Client) (*Service, error) { s.Buckets = NewBucketsService(s) s.Channels = NewChannelsService(s) s.DefaultObjectAccessControls = NewDefaultObjectAccessControlsService(s) + s.ManagedFolders = NewManagedFoldersService(s) s.Notifications = NewNotificationsService(s) s.ObjectAccessControls = NewObjectAccessControlsService(s) s.Objects = NewObjectsService(s) @@ -180,6 +181,8 @@ type Service struct { DefaultObjectAccessControls *DefaultObjectAccessControlsService + ManagedFolders *ManagedFoldersService + Notifications *NotificationsService ObjectAccessControls *ObjectAccessControlsService @@ -234,6 +237,15 @@ type DefaultObjectAccessControlsService struct { s *Service } +func NewManagedFoldersService(s *Service) *ManagedFoldersService { + rs := &ManagedFoldersService{s: s} + return rs +} + +type ManagedFoldersService struct { + s *Service +} + func NewNotificationsService(s *Service) *NotificationsService { rs := &NotificationsService{s: s} return rs @@ -1951,6 +1963,106 @@ func (s *HmacKeysMetadata) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// ManagedFolder: A managed folder. +type ManagedFolder struct { + // Bucket: The name of the bucket containing this managed folder. + Bucket string `json:"bucket,omitempty"` + + // CreateTime: The creation time of the managed folder in RFC 3339 + // format. + CreateTime string `json:"createTime,omitempty"` + + // Id: The ID of the managed folder, including the bucket name and + // managed folder name. + Id string `json:"id,omitempty"` + + // Kind: The kind of item this is. For managed folders, this is always + // storage#managedFolder. + Kind string `json:"kind,omitempty"` + + // Metageneration: The version of the metadata for this managed folder. + // Used for preconditions and for detecting changes in metadata. + Metageneration int64 `json:"metageneration,omitempty,string"` + + // Name: The name of the managed folder. Required if not specified by + // URL parameter. + Name string `json:"name,omitempty"` + + // SelfLink: The link to this managed folder. + SelfLink string `json:"selfLink,omitempty"` + + // UpdateTime: The last update time of the managed folder metadata in + // RFC 3339 format. + UpdateTime string `json:"updateTime,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "Bucket") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Bucket") to include in API + // requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *ManagedFolder) MarshalJSON() ([]byte, error) { + type NoMethod ManagedFolder + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// ManagedFolders: A list of managed folders. +type ManagedFolders struct { + // Items: The list of items. + Items []*ManagedFolder `json:"items,omitempty"` + + // Kind: The kind of item this is. For lists of managed folders, this is + // always storage#managedFolders. + Kind string `json:"kind,omitempty"` + + // NextPageToken: The continuation token, used to page through large + // result sets. Provide this value in a subsequent request to return the + // next page of results. + NextPageToken string `json:"nextPageToken,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "Items") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Items") to include in API + // requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *ManagedFolders) MarshalJSON() ([]byte, error) { + type NoMethod ManagedFolders + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // Notification: A subscription to receive Google PubSub notifications. type Notification struct { // CustomAttributes: An optional list of additional attributes to attach @@ -2539,7 +2651,7 @@ func (s *Objects) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } -// Policy: A bucket/object IAM policy. +// Policy: A bucket/object/managedFolder IAM policy. type Policy struct { // Bindings: An association between a role, which comes with a set of // permissions, and members who may assume that role. @@ -2553,8 +2665,9 @@ type Policy struct { Kind string `json:"kind,omitempty"` // ResourceId: The ID of the resource to which this policy belongs. Will - // be of the form projects/_/buckets/bucket for buckets, and - // projects/_/buckets/bucket/objects/object for objects. A specific + // be of the form projects/_/buckets/bucket for buckets, + // projects/_/buckets/bucket/objects/object for objects, and + // projects/_/buckets/bucket/managedFolders/managedFolder. A specific // generation may be specified by appending #generationNumber to the end // of the object name, e.g. // projects/_/buckets/my-bucket/objects/data.txt#17. The current @@ -2771,15 +2884,15 @@ func (s *ServiceAccount) MarshalJSON() ([]byte, error) { } // TestIamPermissionsResponse: A -// storage.(buckets|objects).testIamPermissions response. +// storage.(buckets|objects|managedFolders).testIamPermissions response. type TestIamPermissionsResponse struct { // Kind: The kind of item this is. Kind string `json:"kind,omitempty"` // Permissions: The permissions held by the caller. Permissions are // always of the format storage.resource.capability, where resource is - // one of buckets or objects. The supported permissions are as follows: - // + // one of buckets, objects, or managedFolders. The supported permissions + // are as follows: // - storage.buckets.delete — Delete bucket. // - storage.buckets.get — Read bucket metadata. // - storage.buckets.getIamPolicy — Read bucket IAM policy. @@ -2794,6 +2907,14 @@ type TestIamPermissionsResponse struct { // - storage.objects.list — List objects. // - storage.objects.setIamPolicy — Update object IAM policy. // - storage.objects.update — Update object metadata. + // - storage.managedFolders.delete — Delete managed folder. + // - storage.managedFolders.get — Read managed folder metadata. + // - storage.managedFolders.getIamPolicy — Read managed folder IAM + // policy. + // - storage.managedFolders.create — Create managed folder. + // - storage.managedFolders.list — List managed folders. + // - storage.managedFolders.setIamPolicy — Update managed folder IAM + // policy. Permissions []string `json:"permissions,omitempty"` // ServerResponse contains the HTTP response code and headers from the @@ -6993,39 +7114,48 @@ func (c *DefaultObjectAccessControlsUpdateCall) Do(opts ...googleapi.CallOption) } -// method id "storage.notifications.delete": +// method id "storage.managedFolders.delete": -type NotificationsDeleteCall struct { - s *Service - bucket string - notification string - urlParams_ gensupport.URLParams - ctx_ context.Context - header_ http.Header +type ManagedFoldersDeleteCall struct { + s *Service + bucket string + managedFolder string + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header } -// Delete: Permanently deletes a notification subscription. +// Delete: Permanently deletes a managed folder. // -// - bucket: The parent bucket of the notification. -// - notification: ID of the notification to delete. -func (r *NotificationsService) Delete(bucket string, notification string) *NotificationsDeleteCall { - c := &NotificationsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} +// - bucket: Name of the bucket containing the managed folder. +// - managedFolder: The managed folder name/path. +func (r *ManagedFoldersService) Delete(bucket string, managedFolder string) *ManagedFoldersDeleteCall { + c := &ManagedFoldersDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.bucket = bucket - c.notification = notification + c.managedFolder = managedFolder return c } -// UserProject sets the optional parameter "userProject": The project to -// be billed for this request. Required for Requester Pays buckets. -func (c *NotificationsDeleteCall) UserProject(userProject string) *NotificationsDeleteCall { - c.urlParams_.Set("userProject", userProject) +// IfMetagenerationMatch sets the optional parameter +// "ifMetagenerationMatch": If set, only deletes the managed folder if +// its metageneration matches this value. +func (c *ManagedFoldersDeleteCall) IfMetagenerationMatch(ifMetagenerationMatch int64) *ManagedFoldersDeleteCall { + c.urlParams_.Set("ifMetagenerationMatch", fmt.Sprint(ifMetagenerationMatch)) + return c +} + +// IfMetagenerationNotMatch sets the optional parameter +// "ifMetagenerationNotMatch": If set, only deletes the managed folder +// if its metageneration does not match this value. +func (c *ManagedFoldersDeleteCall) IfMetagenerationNotMatch(ifMetagenerationNotMatch int64) *ManagedFoldersDeleteCall { + c.urlParams_.Set("ifMetagenerationNotMatch", fmt.Sprint(ifMetagenerationNotMatch)) return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse // for more information. -func (c *NotificationsDeleteCall) Fields(s ...googleapi.Field) *NotificationsDeleteCall { +func (c *ManagedFoldersDeleteCall) Fields(s ...googleapi.Field) *ManagedFoldersDeleteCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } @@ -7033,21 +7163,21 @@ func (c *NotificationsDeleteCall) Fields(s ...googleapi.Field) *NotificationsDel // Context sets the context to be used in this call's Do method. Any // pending HTTP request will be aborted if the provided context is // canceled. -func (c *NotificationsDeleteCall) Context(ctx context.Context) *NotificationsDeleteCall { +func (c *ManagedFoldersDeleteCall) Context(ctx context.Context) *ManagedFoldersDeleteCall { c.ctx_ = ctx return c } // Header returns an http.Header that can be modified by the caller to // add HTTP headers to the request. -func (c *NotificationsDeleteCall) Header() http.Header { +func (c *ManagedFoldersDeleteCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *NotificationsDeleteCall) doRequest(alt string) (*http.Response, error) { +func (c *ManagedFoldersDeleteCall) doRequest(alt string) (*http.Response, error) { reqHeaders := make(http.Header) reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) for k, v := range c.header_ { @@ -7057,7 +7187,7 @@ func (c *NotificationsDeleteCall) doRequest(alt string) (*http.Response, error) var body io.Reader = nil c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "b/{bucket}/notificationConfigs/{notification}") + urls := googleapi.ResolveRelative(c.s.BasePath, "b/{bucket}/managedFolders/{managedFolder}") urls += "?" + c.urlParams_.Encode() req, err := http.NewRequest("DELETE", urls, body) if err != nil { @@ -7065,14 +7195,14 @@ func (c *NotificationsDeleteCall) doRequest(alt string) (*http.Response, error) } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ - "bucket": c.bucket, - "notification": c.notification, + "bucket": c.bucket, + "managedFolder": c.managedFolder, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "storage.notifications.delete" call. -func (c *NotificationsDeleteCall) Do(opts ...googleapi.CallOption) error { +// Do executes the "storage.managedFolders.delete" call. +func (c *ManagedFoldersDeleteCall) Do(opts ...googleapi.CallOption) error { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if err != nil { @@ -7084,33 +7214,40 @@ func (c *NotificationsDeleteCall) Do(opts ...googleapi.CallOption) error { } return nil // { - // "description": "Permanently deletes a notification subscription.", + // "description": "Permanently deletes a managed folder.", // "httpMethod": "DELETE", - // "id": "storage.notifications.delete", + // "id": "storage.managedFolders.delete", // "parameterOrder": [ // "bucket", - // "notification" + // "managedFolder" // ], // "parameters": { // "bucket": { - // "description": "The parent bucket of the notification.", + // "description": "Name of the bucket containing the managed folder.", // "location": "path", // "required": true, // "type": "string" // }, - // "notification": { - // "description": "ID of the notification to delete.", - // "location": "path", - // "required": true, + // "ifMetagenerationMatch": { + // "description": "If set, only deletes the managed folder if its metageneration matches this value.", + // "format": "int64", + // "location": "query", // "type": "string" // }, - // "userProject": { - // "description": "The project to be billed for this request. Required for Requester Pays buckets.", + // "ifMetagenerationNotMatch": { + // "description": "If set, only deletes the managed folder if its metageneration does not match this value.", + // "format": "int64", // "location": "query", // "type": "string" + // }, + // "managedFolder": { + // "description": "The managed folder name/path.", + // "location": "path", + // "required": true, + // "type": "string" // } // }, - // "path": "b/{bucket}/notificationConfigs/{notification}", + // "path": "b/{bucket}/managedFolders/{managedFolder}", // "scopes": [ // "https://www.googleapis.com/auth/cloud-platform", // "https://www.googleapis.com/auth/devstorage.full_control", @@ -7120,40 +7257,51 @@ func (c *NotificationsDeleteCall) Do(opts ...googleapi.CallOption) error { } -// method id "storage.notifications.get": +// method id "storage.managedFolders.get": -type NotificationsGetCall struct { - s *Service - bucket string - notification string - urlParams_ gensupport.URLParams - ifNoneMatch_ string - ctx_ context.Context - header_ http.Header +type ManagedFoldersGetCall struct { + s *Service + bucket string + managedFolder string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header } -// Get: View a notification configuration. +// Get: Returns metadata of the specified managed folder. // -// - bucket: The parent bucket of the notification. -// - notification: Notification ID. -func (r *NotificationsService) Get(bucket string, notification string) *NotificationsGetCall { - c := &NotificationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} +// - bucket: Name of the bucket containing the managed folder. +// - managedFolder: The managed folder name/path. +func (r *ManagedFoldersService) Get(bucket string, managedFolder string) *ManagedFoldersGetCall { + c := &ManagedFoldersGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.bucket = bucket - c.notification = notification + c.managedFolder = managedFolder return c } -// UserProject sets the optional parameter "userProject": The project to -// be billed for this request. Required for Requester Pays buckets. -func (c *NotificationsGetCall) UserProject(userProject string) *NotificationsGetCall { - c.urlParams_.Set("userProject", userProject) +// IfMetagenerationMatch sets the optional parameter +// "ifMetagenerationMatch": Makes the return of the managed folder +// metadata conditional on whether the managed folder's current +// metageneration matches the given value. +func (c *ManagedFoldersGetCall) IfMetagenerationMatch(ifMetagenerationMatch int64) *ManagedFoldersGetCall { + c.urlParams_.Set("ifMetagenerationMatch", fmt.Sprint(ifMetagenerationMatch)) + return c +} + +// IfMetagenerationNotMatch sets the optional parameter +// "ifMetagenerationNotMatch": Makes the return of the managed folder +// metadata conditional on whether the managed folder's current +// metageneration does not match the given value. +func (c *ManagedFoldersGetCall) IfMetagenerationNotMatch(ifMetagenerationNotMatch int64) *ManagedFoldersGetCall { + c.urlParams_.Set("ifMetagenerationNotMatch", fmt.Sprint(ifMetagenerationNotMatch)) return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse // for more information. -func (c *NotificationsGetCall) Fields(s ...googleapi.Field) *NotificationsGetCall { +func (c *ManagedFoldersGetCall) Fields(s ...googleapi.Field) *ManagedFoldersGetCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } @@ -7163,7 +7311,7 @@ func (c *NotificationsGetCall) Fields(s ...googleapi.Field) *NotificationsGetCal // getting updates only after the object has changed since the last // request. Use googleapi.IsNotModified to check whether the response // error from Do is the result of In-None-Match. -func (c *NotificationsGetCall) IfNoneMatch(entityTag string) *NotificationsGetCall { +func (c *ManagedFoldersGetCall) IfNoneMatch(entityTag string) *ManagedFoldersGetCall { c.ifNoneMatch_ = entityTag return c } @@ -7171,21 +7319,21 @@ func (c *NotificationsGetCall) IfNoneMatch(entityTag string) *NotificationsGetCa // Context sets the context to be used in this call's Do method. Any // pending HTTP request will be aborted if the provided context is // canceled. -func (c *NotificationsGetCall) Context(ctx context.Context) *NotificationsGetCall { +func (c *ManagedFoldersGetCall) Context(ctx context.Context) *ManagedFoldersGetCall { c.ctx_ = ctx return c } // Header returns an http.Header that can be modified by the caller to // add HTTP headers to the request. -func (c *NotificationsGetCall) Header() http.Header { +func (c *ManagedFoldersGetCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *NotificationsGetCall) doRequest(alt string) (*http.Response, error) { +func (c *ManagedFoldersGetCall) doRequest(alt string) (*http.Response, error) { reqHeaders := make(http.Header) reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) for k, v := range c.header_ { @@ -7198,7 +7346,7 @@ func (c *NotificationsGetCall) doRequest(alt string) (*http.Response, error) { var body io.Reader = nil c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "b/{bucket}/notificationConfigs/{notification}") + urls := googleapi.ResolveRelative(c.s.BasePath, "b/{bucket}/managedFolders/{managedFolder}") urls += "?" + c.urlParams_.Encode() req, err := http.NewRequest("GET", urls, body) if err != nil { @@ -7206,20 +7354,20 @@ func (c *NotificationsGetCall) doRequest(alt string) (*http.Response, error) { } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ - "bucket": c.bucket, - "notification": c.notification, + "bucket": c.bucket, + "managedFolder": c.managedFolder, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "storage.notifications.get" call. -// Exactly one of *Notification or error will be non-nil. Any non-2xx +// Do executes the "storage.managedFolders.get" call. +// Exactly one of *ManagedFolder or error will be non-nil. Any non-2xx // status code is an error. Response headers are in either -// *Notification.ServerResponse.Header or (if a response was returned at -// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified -// to check whether the returned error was because -// http.StatusNotModified was returned. -func (c *NotificationsGetCall) Do(opts ...googleapi.CallOption) (*Notification, error) { +// *ManagedFolder.ServerResponse.Header or (if a response was returned +// at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *ManagedFoldersGetCall) Do(opts ...googleapi.CallOption) (*ManagedFolder, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { @@ -7238,7 +7386,7 @@ func (c *NotificationsGetCall) Do(opts ...googleapi.CallOption) (*Notification, if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } - ret := &Notification{ + ret := &ManagedFolder{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, @@ -7250,35 +7398,42 @@ func (c *NotificationsGetCall) Do(opts ...googleapi.CallOption) (*Notification, } return ret, nil // { - // "description": "View a notification configuration.", + // "description": "Returns metadata of the specified managed folder.", // "httpMethod": "GET", - // "id": "storage.notifications.get", + // "id": "storage.managedFolders.get", // "parameterOrder": [ // "bucket", - // "notification" + // "managedFolder" // ], // "parameters": { // "bucket": { - // "description": "The parent bucket of the notification.", + // "description": "Name of the bucket containing the managed folder.", // "location": "path", // "required": true, // "type": "string" // }, - // "notification": { - // "description": "Notification ID", - // "location": "path", - // "required": true, + // "ifMetagenerationMatch": { + // "description": "Makes the return of the managed folder metadata conditional on whether the managed folder's current metageneration matches the given value.", + // "format": "int64", + // "location": "query", // "type": "string" // }, - // "userProject": { - // "description": "The project to be billed for this request. Required for Requester Pays buckets.", + // "ifMetagenerationNotMatch": { + // "description": "Makes the return of the managed folder metadata conditional on whether the managed folder's current metageneration does not match the given value.", + // "format": "int64", // "location": "query", // "type": "string" + // }, + // "managedFolder": { + // "description": "The managed folder name/path.", + // "location": "path", + // "required": true, + // "type": "string" // } // }, - // "path": "b/{bucket}/notificationConfigs/{notification}", + // "path": "b/{bucket}/managedFolders/{managedFolder}", // "response": { - // "$ref": "Notification" + // "$ref": "ManagedFolder" // }, // "scopes": [ // "https://www.googleapis.com/auth/cloud-platform", @@ -7291,30 +7446,42 @@ func (c *NotificationsGetCall) Do(opts ...googleapi.CallOption) (*Notification, } -// method id "storage.notifications.insert": +// method id "storage.managedFolders.getIamPolicy": -type NotificationsInsertCall struct { - s *Service - bucket string - notification *Notification - urlParams_ gensupport.URLParams - ctx_ context.Context - header_ http.Header +type ManagedFoldersGetIamPolicyCall struct { + s *Service + bucket string + managedFolder string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header } -// Insert: Creates a notification subscription for a given bucket. +// GetIamPolicy: Returns an IAM policy for the specified managed folder. // -// - bucket: The parent bucket of the notification. -func (r *NotificationsService) Insert(bucket string, notification *Notification) *NotificationsInsertCall { - c := &NotificationsInsertCall{s: r.s, urlParams_: make(gensupport.URLParams)} +// - bucket: Name of the bucket containing the managed folder. +// - managedFolder: The managed folder name/path. +func (r *ManagedFoldersService) GetIamPolicy(bucket string, managedFolder string) *ManagedFoldersGetIamPolicyCall { + c := &ManagedFoldersGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.bucket = bucket - c.notification = notification + c.managedFolder = managedFolder + return c +} + +// OptionsRequestedPolicyVersion sets the optional parameter +// "optionsRequestedPolicyVersion": The IAM policy format version to be +// returned. If the optionsRequestedPolicyVersion is for an older +// version that doesn't support part of the requested IAM policy, the +// request fails. +func (c *ManagedFoldersGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *ManagedFoldersGetIamPolicyCall { + c.urlParams_.Set("optionsRequestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion)) return c } // UserProject sets the optional parameter "userProject": The project to // be billed for this request. Required for Requester Pays buckets. -func (c *NotificationsInsertCall) UserProject(userProject string) *NotificationsInsertCall { +func (c *ManagedFoldersGetIamPolicyCall) UserProject(userProject string) *ManagedFoldersGetIamPolicyCall { c.urlParams_.Set("userProject", userProject) return c } @@ -7322,61 +7489,1231 @@ func (c *NotificationsInsertCall) UserProject(userProject string) *Notifications // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse // for more information. -func (c *NotificationsInsertCall) Fields(s ...googleapi.Field) *NotificationsInsertCall { +func (c *ManagedFoldersGetIamPolicyCall) Fields(s ...googleapi.Field) *ManagedFoldersGetIamPolicyCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *ManagedFoldersGetIamPolicyCall) IfNoneMatch(entityTag string) *ManagedFoldersGetIamPolicyCall { + c.ifNoneMatch_ = entityTag + return c +} + // Context sets the context to be used in this call's Do method. Any // pending HTTP request will be aborted if the provided context is // canceled. -func (c *NotificationsInsertCall) Context(ctx context.Context) *NotificationsInsertCall { +func (c *ManagedFoldersGetIamPolicyCall) Context(ctx context.Context) *ManagedFoldersGetIamPolicyCall { c.ctx_ = ctx return c } // Header returns an http.Header that can be modified by the caller to // add HTTP headers to the request. -func (c *NotificationsInsertCall) Header() http.Header { +func (c *ManagedFoldersGetIamPolicyCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } -func (c *NotificationsInsertCall) doRequest(alt string) (*http.Response, error) { +func (c *ManagedFoldersGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { reqHeaders := make(http.Header) reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) for k, v := range c.header_ { reqHeaders[k] = v } reqHeaders.Set("User-Agent", c.s.userAgent()) - var body io.Reader = nil - body, err := googleapi.WithoutDataWrapper.JSONReader(c.notification) - if err != nil { - return nil, err + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) } - reqHeaders.Set("Content-Type", "application/json") + var body io.Reader = nil c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "b/{bucket}/notificationConfigs") + urls := googleapi.ResolveRelative(c.s.BasePath, "b/{bucket}/managedFolders/{managedFolder}/iam") urls += "?" + c.urlParams_.Encode() - req, err := http.NewRequest("POST", urls, body) + req, err := http.NewRequest("GET", urls, body) if err != nil { return nil, err } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ - "bucket": c.bucket, + "bucket": c.bucket, + "managedFolder": c.managedFolder, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } -// Do executes the "storage.notifications.insert" call. -// Exactly one of *Notification or error will be non-nil. Any non-2xx -// status code is an error. Response headers are in either -// *Notification.ServerResponse.Header or (if a response was returned at -// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// Do executes the "storage.managedFolders.getIamPolicy" call. +// Exactly one of *Policy or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *Policy.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified +// was returned. +func (c *ManagedFoldersGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Returns an IAM policy for the specified managed folder.", + // "httpMethod": "GET", + // "id": "storage.managedFolders.getIamPolicy", + // "parameterOrder": [ + // "bucket", + // "managedFolder" + // ], + // "parameters": { + // "bucket": { + // "description": "Name of the bucket containing the managed folder.", + // "location": "path", + // "required": true, + // "type": "string" + // }, + // "managedFolder": { + // "description": "The managed folder name/path.", + // "location": "path", + // "required": true, + // "type": "string" + // }, + // "optionsRequestedPolicyVersion": { + // "description": "The IAM policy format version to be returned. If the optionsRequestedPolicyVersion is for an older version that doesn't support part of the requested IAM policy, the request fails.", + // "format": "int32", + // "location": "query", + // "minimum": "1", + // "type": "integer" + // }, + // "userProject": { + // "description": "The project to be billed for this request. Required for Requester Pays buckets.", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "b/{bucket}/managedFolders/{managedFolder}/iam", + // "response": { + // "$ref": "Policy" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only", + // "https://www.googleapis.com/auth/devstorage.full_control", + // "https://www.googleapis.com/auth/devstorage.read_only", + // "https://www.googleapis.com/auth/devstorage.read_write" + // ] + // } + +} + +// method id "storage.managedFolders.insert": + +type ManagedFoldersInsertCall struct { + s *Service + bucket string + managedfolder *ManagedFolder + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Insert: Creates a new managed folder. +// +// - bucket: Name of the bucket containing the managed folder. +func (r *ManagedFoldersService) Insert(bucket string, managedfolder *ManagedFolder) *ManagedFoldersInsertCall { + c := &ManagedFoldersInsertCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.bucket = bucket + c.managedfolder = managedfolder + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ManagedFoldersInsertCall) Fields(s ...googleapi.Field) *ManagedFoldersInsertCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ManagedFoldersInsertCall) Context(ctx context.Context) *ManagedFoldersInsertCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ManagedFoldersInsertCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ManagedFoldersInsertCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.managedfolder) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "b/{bucket}/managedFolders") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "bucket": c.bucket, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "storage.managedFolders.insert" call. +// Exactly one of *ManagedFolder or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *ManagedFolder.ServerResponse.Header or (if a response was returned +// at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *ManagedFoldersInsertCall) Do(opts ...googleapi.CallOption) (*ManagedFolder, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &ManagedFolder{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Creates a new managed folder.", + // "httpMethod": "POST", + // "id": "storage.managedFolders.insert", + // "parameterOrder": [ + // "bucket" + // ], + // "parameters": { + // "bucket": { + // "description": "Name of the bucket containing the managed folder.", + // "location": "path", + // "required": true, + // "type": "string" + // } + // }, + // "path": "b/{bucket}/managedFolders", + // "request": { + // "$ref": "ManagedFolder" + // }, + // "response": { + // "$ref": "ManagedFolder" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/devstorage.full_control", + // "https://www.googleapis.com/auth/devstorage.read_write" + // ] + // } + +} + +// method id "storage.managedFolders.list": + +type ManagedFoldersListCall struct { + s *Service + bucket string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// List: Lists managed folders in the given bucket. +// +// - bucket: Name of the bucket containing the managed folder. +func (r *ManagedFoldersService) List(bucket string) *ManagedFoldersListCall { + c := &ManagedFoldersListCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.bucket = bucket + return c +} + +// PageSize sets the optional parameter "pageSize": Maximum number of +// items return in a single page of responses. +func (c *ManagedFoldersListCall) PageSize(pageSize int64) *ManagedFoldersListCall { + c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) + return c +} + +// PageToken sets the optional parameter "pageToken": A +// previously-returned page token representing part of the larger set of +// results to view. +func (c *ManagedFoldersListCall) PageToken(pageToken string) *ManagedFoldersListCall { + c.urlParams_.Set("pageToken", pageToken) + return c +} + +// Prefix sets the optional parameter "prefix": The managed folder +// name/path prefix to filter the output list of results. +func (c *ManagedFoldersListCall) Prefix(prefix string) *ManagedFoldersListCall { + c.urlParams_.Set("prefix", prefix) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ManagedFoldersListCall) Fields(s ...googleapi.Field) *ManagedFoldersListCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *ManagedFoldersListCall) IfNoneMatch(entityTag string) *ManagedFoldersListCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ManagedFoldersListCall) Context(ctx context.Context) *ManagedFoldersListCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ManagedFoldersListCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ManagedFoldersListCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "b/{bucket}/managedFolders") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "bucket": c.bucket, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "storage.managedFolders.list" call. +// Exactly one of *ManagedFolders or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *ManagedFolders.ServerResponse.Header or (if a response was returned +// at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *ManagedFoldersListCall) Do(opts ...googleapi.CallOption) (*ManagedFolders, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &ManagedFolders{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Lists managed folders in the given bucket.", + // "httpMethod": "GET", + // "id": "storage.managedFolders.list", + // "parameterOrder": [ + // "bucket" + // ], + // "parameters": { + // "bucket": { + // "description": "Name of the bucket containing the managed folder.", + // "location": "path", + // "required": true, + // "type": "string" + // }, + // "pageSize": { + // "description": "Maximum number of items return in a single page of responses.", + // "format": "int32", + // "location": "query", + // "minimum": "0", + // "type": "integer" + // }, + // "pageToken": { + // "description": "A previously-returned page token representing part of the larger set of results to view.", + // "location": "query", + // "type": "string" + // }, + // "prefix": { + // "description": "The managed folder name/path prefix to filter the output list of results.", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "b/{bucket}/managedFolders", + // "response": { + // "$ref": "ManagedFolders" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only", + // "https://www.googleapis.com/auth/devstorage.full_control", + // "https://www.googleapis.com/auth/devstorage.read_only", + // "https://www.googleapis.com/auth/devstorage.read_write" + // ] + // } + +} + +// Pages invokes f for each page of results. +// A non-nil error returned from f will halt the iteration. +// The provided context supersedes any context provided to the Context method. +func (c *ManagedFoldersListCall) Pages(ctx context.Context, f func(*ManagedFolders) error) error { + c.ctx_ = ctx + defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point + for { + x, err := c.Do() + if err != nil { + return err + } + if err := f(x); err != nil { + return err + } + if x.NextPageToken == "" { + return nil + } + c.PageToken(x.NextPageToken) + } +} + +// method id "storage.managedFolders.setIamPolicy": + +type ManagedFoldersSetIamPolicyCall struct { + s *Service + bucket string + managedFolder string + policy *Policy + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// SetIamPolicy: Updates an IAM policy for the specified managed folder. +// +// - bucket: Name of the bucket containing the managed folder. +// - managedFolder: The managed folder name/path. +func (r *ManagedFoldersService) SetIamPolicy(bucket string, managedFolder string, policy *Policy) *ManagedFoldersSetIamPolicyCall { + c := &ManagedFoldersSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.bucket = bucket + c.managedFolder = managedFolder + c.policy = policy + return c +} + +// UserProject sets the optional parameter "userProject": The project to +// be billed for this request. Required for Requester Pays buckets. +func (c *ManagedFoldersSetIamPolicyCall) UserProject(userProject string) *ManagedFoldersSetIamPolicyCall { + c.urlParams_.Set("userProject", userProject) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ManagedFoldersSetIamPolicyCall) Fields(s ...googleapi.Field) *ManagedFoldersSetIamPolicyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ManagedFoldersSetIamPolicyCall) Context(ctx context.Context) *ManagedFoldersSetIamPolicyCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ManagedFoldersSetIamPolicyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ManagedFoldersSetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.policy) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "b/{bucket}/managedFolders/{managedFolder}/iam") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("PUT", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "bucket": c.bucket, + "managedFolder": c.managedFolder, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "storage.managedFolders.setIamPolicy" call. +// Exactly one of *Policy or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *Policy.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified +// was returned. +func (c *ManagedFoldersSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Updates an IAM policy for the specified managed folder.", + // "httpMethod": "PUT", + // "id": "storage.managedFolders.setIamPolicy", + // "parameterOrder": [ + // "bucket", + // "managedFolder" + // ], + // "parameters": { + // "bucket": { + // "description": "Name of the bucket containing the managed folder.", + // "location": "path", + // "required": true, + // "type": "string" + // }, + // "managedFolder": { + // "description": "The managed folder name/path.", + // "location": "path", + // "required": true, + // "type": "string" + // }, + // "userProject": { + // "description": "The project to be billed for this request. Required for Requester Pays buckets.", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "b/{bucket}/managedFolders/{managedFolder}/iam", + // "request": { + // "$ref": "Policy" + // }, + // "response": { + // "$ref": "Policy" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/devstorage.full_control" + // ] + // } + +} + +// method id "storage.managedFolders.testIamPermissions": + +type ManagedFoldersTestIamPermissionsCall struct { + s *Service + bucket string + managedFolder string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// TestIamPermissions: Tests a set of permissions on the given managed +// folder to see which, if any, are held by the caller. +// +// - bucket: Name of the bucket containing the managed folder. +// - managedFolder: The managed folder name/path. +// - permissions: Permissions to test. +func (r *ManagedFoldersService) TestIamPermissions(bucket string, managedFolder string, permissions []string) *ManagedFoldersTestIamPermissionsCall { + c := &ManagedFoldersTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.bucket = bucket + c.managedFolder = managedFolder + c.urlParams_.SetMulti("permissions", append([]string{}, permissions...)) + return c +} + +// UserProject sets the optional parameter "userProject": The project to +// be billed for this request. Required for Requester Pays buckets. +func (c *ManagedFoldersTestIamPermissionsCall) UserProject(userProject string) *ManagedFoldersTestIamPermissionsCall { + c.urlParams_.Set("userProject", userProject) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ManagedFoldersTestIamPermissionsCall) Fields(s ...googleapi.Field) *ManagedFoldersTestIamPermissionsCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *ManagedFoldersTestIamPermissionsCall) IfNoneMatch(entityTag string) *ManagedFoldersTestIamPermissionsCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ManagedFoldersTestIamPermissionsCall) Context(ctx context.Context) *ManagedFoldersTestIamPermissionsCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ManagedFoldersTestIamPermissionsCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ManagedFoldersTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "b/{bucket}/managedFolders/{managedFolder}/iam/testPermissions") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "bucket": c.bucket, + "managedFolder": c.managedFolder, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "storage.managedFolders.testIamPermissions" call. +// Exactly one of *TestIamPermissionsResponse or error will be non-nil. +// Any non-2xx status code is an error. Response headers are in either +// *TestIamPermissionsResponse.ServerResponse.Header or (if a response +// was returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *ManagedFoldersTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &TestIamPermissionsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Tests a set of permissions on the given managed folder to see which, if any, are held by the caller.", + // "httpMethod": "GET", + // "id": "storage.managedFolders.testIamPermissions", + // "parameterOrder": [ + // "bucket", + // "managedFolder", + // "permissions" + // ], + // "parameters": { + // "bucket": { + // "description": "Name of the bucket containing the managed folder.", + // "location": "path", + // "required": true, + // "type": "string" + // }, + // "managedFolder": { + // "description": "The managed folder name/path.", + // "location": "path", + // "required": true, + // "type": "string" + // }, + // "permissions": { + // "description": "Permissions to test.", + // "location": "query", + // "repeated": true, + // "required": true, + // "type": "string" + // }, + // "userProject": { + // "description": "The project to be billed for this request. Required for Requester Pays buckets.", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "b/{bucket}/managedFolders/{managedFolder}/iam/testPermissions", + // "response": { + // "$ref": "TestIamPermissionsResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only", + // "https://www.googleapis.com/auth/devstorage.full_control", + // "https://www.googleapis.com/auth/devstorage.read_only", + // "https://www.googleapis.com/auth/devstorage.read_write" + // ] + // } + +} + +// method id "storage.notifications.delete": + +type NotificationsDeleteCall struct { + s *Service + bucket string + notification string + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Delete: Permanently deletes a notification subscription. +// +// - bucket: The parent bucket of the notification. +// - notification: ID of the notification to delete. +func (r *NotificationsService) Delete(bucket string, notification string) *NotificationsDeleteCall { + c := &NotificationsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.bucket = bucket + c.notification = notification + return c +} + +// UserProject sets the optional parameter "userProject": The project to +// be billed for this request. Required for Requester Pays buckets. +func (c *NotificationsDeleteCall) UserProject(userProject string) *NotificationsDeleteCall { + c.urlParams_.Set("userProject", userProject) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *NotificationsDeleteCall) Fields(s ...googleapi.Field) *NotificationsDeleteCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *NotificationsDeleteCall) Context(ctx context.Context) *NotificationsDeleteCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *NotificationsDeleteCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *NotificationsDeleteCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "b/{bucket}/notificationConfigs/{notification}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("DELETE", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "bucket": c.bucket, + "notification": c.notification, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "storage.notifications.delete" call. +func (c *NotificationsDeleteCall) Do(opts ...googleapi.CallOption) error { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if err != nil { + return err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return gensupport.WrapError(err) + } + return nil + // { + // "description": "Permanently deletes a notification subscription.", + // "httpMethod": "DELETE", + // "id": "storage.notifications.delete", + // "parameterOrder": [ + // "bucket", + // "notification" + // ], + // "parameters": { + // "bucket": { + // "description": "The parent bucket of the notification.", + // "location": "path", + // "required": true, + // "type": "string" + // }, + // "notification": { + // "description": "ID of the notification to delete.", + // "location": "path", + // "required": true, + // "type": "string" + // }, + // "userProject": { + // "description": "The project to be billed for this request. Required for Requester Pays buckets.", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "b/{bucket}/notificationConfigs/{notification}", + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/devstorage.full_control", + // "https://www.googleapis.com/auth/devstorage.read_write" + // ] + // } + +} + +// method id "storage.notifications.get": + +type NotificationsGetCall struct { + s *Service + bucket string + notification string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// Get: View a notification configuration. +// +// - bucket: The parent bucket of the notification. +// - notification: Notification ID. +func (r *NotificationsService) Get(bucket string, notification string) *NotificationsGetCall { + c := &NotificationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.bucket = bucket + c.notification = notification + return c +} + +// UserProject sets the optional parameter "userProject": The project to +// be billed for this request. Required for Requester Pays buckets. +func (c *NotificationsGetCall) UserProject(userProject string) *NotificationsGetCall { + c.urlParams_.Set("userProject", userProject) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *NotificationsGetCall) Fields(s ...googleapi.Field) *NotificationsGetCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *NotificationsGetCall) IfNoneMatch(entityTag string) *NotificationsGetCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *NotificationsGetCall) Context(ctx context.Context) *NotificationsGetCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *NotificationsGetCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *NotificationsGetCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "b/{bucket}/notificationConfigs/{notification}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "bucket": c.bucket, + "notification": c.notification, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "storage.notifications.get" call. +// Exactly one of *Notification or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Notification.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *NotificationsGetCall) Do(opts ...googleapi.CallOption) (*Notification, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Notification{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "View a notification configuration.", + // "httpMethod": "GET", + // "id": "storage.notifications.get", + // "parameterOrder": [ + // "bucket", + // "notification" + // ], + // "parameters": { + // "bucket": { + // "description": "The parent bucket of the notification.", + // "location": "path", + // "required": true, + // "type": "string" + // }, + // "notification": { + // "description": "Notification ID", + // "location": "path", + // "required": true, + // "type": "string" + // }, + // "userProject": { + // "description": "The project to be billed for this request. Required for Requester Pays buckets.", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "b/{bucket}/notificationConfigs/{notification}", + // "response": { + // "$ref": "Notification" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only", + // "https://www.googleapis.com/auth/devstorage.full_control", + // "https://www.googleapis.com/auth/devstorage.read_only", + // "https://www.googleapis.com/auth/devstorage.read_write" + // ] + // } + +} + +// method id "storage.notifications.insert": + +type NotificationsInsertCall struct { + s *Service + bucket string + notification *Notification + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Insert: Creates a notification subscription for a given bucket. +// +// - bucket: The parent bucket of the notification. +func (r *NotificationsService) Insert(bucket string, notification *Notification) *NotificationsInsertCall { + c := &NotificationsInsertCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.bucket = bucket + c.notification = notification + return c +} + +// UserProject sets the optional parameter "userProject": The project to +// be billed for this request. Required for Requester Pays buckets. +func (c *NotificationsInsertCall) UserProject(userProject string) *NotificationsInsertCall { + c.urlParams_.Set("userProject", userProject) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *NotificationsInsertCall) Fields(s ...googleapi.Field) *NotificationsInsertCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *NotificationsInsertCall) Context(ctx context.Context) *NotificationsInsertCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *NotificationsInsertCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *NotificationsInsertCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.notification) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "b/{bucket}/notificationConfigs") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "bucket": c.bucket, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "storage.notifications.insert" call. +// Exactly one of *Notification or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Notification.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified // to check whether the returned error was because // http.StatusNotModified was returned. func (c *NotificationsInsertCall) Do(opts ...googleapi.CallOption) (*Notification, error) { @@ -10743,6 +12080,15 @@ func (c *ObjectsListCall) EndOffset(endOffset string) *ObjectsListCall { return c } +// IncludeFoldersAsPrefixes sets the optional parameter +// "includeFoldersAsPrefixes": Only applicable if delimiter is set to +// '/'. If true, will also include folders and managed folders (besides +// objects) in the returned prefixes. +func (c *ObjectsListCall) IncludeFoldersAsPrefixes(includeFoldersAsPrefixes bool) *ObjectsListCall { + c.urlParams_.Set("includeFoldersAsPrefixes", fmt.Sprint(includeFoldersAsPrefixes)) + return c +} + // IncludeTrailingDelimiter sets the optional parameter // "includeTrailingDelimiter": If true, objects that end in exactly one // instance of delimiter will have their metadata included in items in @@ -10950,6 +12296,11 @@ func (c *ObjectsListCall) Do(opts ...googleapi.CallOption) (*Objects, error) { // "location": "query", // "type": "string" // }, + // "includeFoldersAsPrefixes": { + // "description": "Only applicable if delimiter is set to '/'. If true, will also include folders and managed folders (besides objects) in the returned prefixes.", + // "location": "query", + // "type": "boolean" + // }, // "includeTrailingDelimiter": { // "description": "If true, objects that end in exactly one instance of delimiter will have their metadata included in items in addition to prefixes.", // "location": "query", diff --git a/vendor/google.golang.org/grpc/README.md b/vendor/google.golang.org/grpc/README.md index 1bc92248cb..ab0fbb79b8 100644 --- a/vendor/google.golang.org/grpc/README.md +++ b/vendor/google.golang.org/grpc/README.md @@ -1,8 +1,8 @@ # gRPC-Go -[![Build Status](https://travis-ci.org/grpc/grpc-go.svg)](https://travis-ci.org/grpc/grpc-go) [![GoDoc](https://pkg.go.dev/badge/google.golang.org/grpc)][API] [![GoReportCard](https://goreportcard.com/badge/grpc/grpc-go)](https://goreportcard.com/report/github.com/grpc/grpc-go) +[![codecov](https://codecov.io/gh/grpc/grpc-go/graph/badge.svg)](https://codecov.io/gh/grpc/grpc-go) The [Go][] implementation of [gRPC][]: A high performance, open source, general RPC framework that puts mobile and HTTP/2 first. For more information see the diff --git a/vendor/google.golang.org/grpc/attributes/attributes.go b/vendor/google.golang.org/grpc/attributes/attributes.go index 712fef4d0f..52d530d7ad 100644 --- a/vendor/google.golang.org/grpc/attributes/attributes.go +++ b/vendor/google.golang.org/grpc/attributes/attributes.go @@ -121,9 +121,9 @@ func (a *Attributes) String() string { return sb.String() } -func str(x any) string { +func str(x any) (s string) { if v, ok := x.(fmt.Stringer); ok { - return v.String() + return fmt.Sprint(v) } else if v, ok := x.(string); ok { return v } diff --git a/vendor/google.golang.org/grpc/balancer/balancer.go b/vendor/google.golang.org/grpc/balancer/balancer.go index b6377f445a..d79560a2e2 100644 --- a/vendor/google.golang.org/grpc/balancer/balancer.go +++ b/vendor/google.golang.org/grpc/balancer/balancer.go @@ -30,6 +30,7 @@ import ( "google.golang.org/grpc/channelz" "google.golang.org/grpc/connectivity" "google.golang.org/grpc/credentials" + "google.golang.org/grpc/grpclog" "google.golang.org/grpc/internal" "google.golang.org/grpc/metadata" "google.golang.org/grpc/resolver" @@ -39,6 +40,8 @@ import ( var ( // m is a map from name to balancer builder. m = make(map[string]Builder) + + logger = grpclog.Component("balancer") ) // Register registers the balancer builder to the balancer map. b.Name @@ -51,6 +54,12 @@ var ( // an init() function), and is not thread-safe. If multiple Balancers are // registered with the same name, the one registered last will take effect. func Register(b Builder) { + if strings.ToLower(b.Name()) != b.Name() { + // TODO: Skip the use of strings.ToLower() to index the map after v1.59 + // is released to switch to case sensitive balancer registry. Also, + // remove this warning and update the docstrings for Register and Get. + logger.Warningf("Balancer registered with name %q. grpc-go will be switching to case sensitive balancer registries soon", b.Name()) + } m[strings.ToLower(b.Name())] = b } @@ -70,6 +79,12 @@ func init() { // Note that the compare is done in a case-insensitive fashion. // If no builder is register with the name, nil will be returned. func Get(name string) Builder { + if strings.ToLower(name) != name { + // TODO: Skip the use of strings.ToLower() to index the map after v1.59 + // is released to switch to case sensitive balancer registry. Also, + // remove this warning and update the docstrings for Register and Get. + logger.Warningf("Balancer retrieved for name %q. grpc-go will be switching to case sensitive balancer registries soon", name) + } if b, ok := m[strings.ToLower(name)]; ok { return b } diff --git a/vendor/google.golang.org/grpc/balancer/grpclb/grpclb.go b/vendor/google.golang.org/grpc/balancer/grpclb/grpclb.go index f2ddfc3788..86ba65be4c 100644 --- a/vendor/google.golang.org/grpc/balancer/grpclb/grpclb.go +++ b/vendor/google.golang.org/grpc/balancer/grpclb/grpclb.go @@ -32,14 +32,18 @@ import ( "google.golang.org/grpc" "google.golang.org/grpc/balancer" + "google.golang.org/grpc/balancer/base" grpclbstate "google.golang.org/grpc/balancer/grpclb/state" "google.golang.org/grpc/connectivity" "google.golang.org/grpc/credentials" "google.golang.org/grpc/grpclog" "google.golang.org/grpc/internal" "google.golang.org/grpc/internal/backoff" + internalgrpclog "google.golang.org/grpc/internal/grpclog" + "google.golang.org/grpc/internal/pretty" "google.golang.org/grpc/internal/resolver/dns" "google.golang.org/grpc/resolver" + "google.golang.org/grpc/resolver/manual" durationpb "github.com/golang/protobuf/ptypes/duration" lbpb "google.golang.org/grpc/balancer/grpclb/grpc_lb_v1" @@ -132,7 +136,11 @@ func (b *lbBuilder) Build(cc balancer.ClientConn, opt balancer.BuildOptions) bal // This generates a manual resolver builder with a fixed scheme. This // scheme will be used to dial to remote LB, so we can send filtered // address updates to remote LB ClientConn using this manual resolver. - r := &lbManualResolver{scheme: "grpclb-internal", ccb: cc} + mr := manual.NewBuilderWithScheme("grpclb-internal") + // ResolveNow() on this manual resolver is forwarded to the parent + // ClientConn, so when grpclb client loses contact with the remote balancer, + // the parent ClientConn's resolver will re-resolve. + mr.ResolveNowCallback = cc.ResolveNow lb := &lbBalancer{ cc: newLBCacheClientConn(cc), @@ -142,23 +150,24 @@ func (b *lbBuilder) Build(cc balancer.ClientConn, opt balancer.BuildOptions) bal fallbackTimeout: b.fallbackTimeout, doneCh: make(chan struct{}), - manualResolver: r, + manualResolver: mr, subConns: make(map[resolver.Address]balancer.SubConn), scStates: make(map[balancer.SubConn]connectivity.State), - picker: &errPicker{err: balancer.ErrNoSubConnAvailable}, + picker: base.NewErrPicker(balancer.ErrNoSubConnAvailable), clientStats: newRPCStats(), backoff: backoff.DefaultExponential, // TODO: make backoff configurable. } + lb.logger = internalgrpclog.NewPrefixLogger(logger, fmt.Sprintf("[grpclb %p] ", lb)) var err error if opt.CredsBundle != nil { lb.grpclbClientConnCreds, err = opt.CredsBundle.NewWithMode(internal.CredsBundleModeBalancer) if err != nil { - logger.Warningf("lbBalancer: client connection creds NewWithMode failed: %v", err) + lb.logger.Warningf("Failed to create credentials used for connecting to grpclb: %v", err) } lb.grpclbBackendCreds, err = opt.CredsBundle.NewWithMode(internal.CredsBundleModeBackendFromBalancer) if err != nil { - logger.Warningf("lbBalancer: backend creds NewWithMode failed: %v", err) + lb.logger.Warningf("Failed to create credentials used for connecting to backends returned by grpclb: %v", err) } } @@ -170,6 +179,7 @@ type lbBalancer struct { dialTarget string // user's dial target target string // same as dialTarget unless overridden in service config opt balancer.BuildOptions + logger *internalgrpclog.PrefixLogger usePickFirst bool @@ -188,7 +198,7 @@ type lbBalancer struct { // manualResolver is used in the remote LB ClientConn inside grpclb. When // resolved address updates are received by grpclb, filtered updates will be // send to remote LB ClientConn through this resolver. - manualResolver *lbManualResolver + manualResolver *manual.Resolver // The ClientConn to talk to the remote balancer. ccRemoteLB *remoteBalancerCCWrapper // backoff for calling remote balancer. @@ -236,12 +246,12 @@ type lbBalancer struct { // Caller must hold lb.mu. func (lb *lbBalancer) regeneratePicker(resetDrop bool) { if lb.state == connectivity.TransientFailure { - lb.picker = &errPicker{err: fmt.Errorf("all SubConns are in TransientFailure, last connection error: %v", lb.connErr)} + lb.picker = base.NewErrPicker(fmt.Errorf("all SubConns are in TransientFailure, last connection error: %v", lb.connErr)) return } if lb.state == connectivity.Connecting { - lb.picker = &errPicker{err: balancer.ErrNoSubConnAvailable} + lb.picker = base.NewErrPicker(balancer.ErrNoSubConnAvailable) return } @@ -268,7 +278,7 @@ func (lb *lbBalancer) regeneratePicker(resetDrop bool) { // // This doesn't seem to be necessary after the connecting check above. // Kept for safety. - lb.picker = &errPicker{err: balancer.ErrNoSubConnAvailable} + lb.picker = base.NewErrPicker(balancer.ErrNoSubConnAvailable) return } if lb.inFallback { @@ -322,21 +332,21 @@ func (lb *lbBalancer) aggregateSubConnStates() connectivity.State { // UpdateSubConnState is unused; NewSubConn's options always specifies // updateSubConnState as the listener. func (lb *lbBalancer) UpdateSubConnState(sc balancer.SubConn, scs balancer.SubConnState) { - logger.Errorf("grpclb: UpdateSubConnState(%v, %+v) called unexpectedly", sc, scs) + lb.logger.Errorf("UpdateSubConnState(%v, %+v) called unexpectedly", sc, scs) } func (lb *lbBalancer) updateSubConnState(sc balancer.SubConn, scs balancer.SubConnState) { s := scs.ConnectivityState - if logger.V(2) { - logger.Infof("lbBalancer: handle SubConn state change: %p, %v", sc, s) + if lb.logger.V(2) { + lb.logger.Infof("SubConn state change: %p, %v", sc, s) } lb.mu.Lock() defer lb.mu.Unlock() oldS, ok := lb.scStates[sc] if !ok { - if logger.V(2) { - logger.Infof("lbBalancer: got state changes for an unknown SubConn: %p, %v", sc, s) + if lb.logger.V(2) { + lb.logger.Infof("Received state change for an unknown SubConn: %p, %v", sc, s) } return } @@ -441,8 +451,8 @@ func (lb *lbBalancer) handleServiceConfig(gc *grpclbServiceConfig) { if lb.usePickFirst == newUsePickFirst { return } - if logger.V(2) { - logger.Infof("lbBalancer: switching mode, new usePickFirst: %+v", newUsePickFirst) + if lb.logger.V(2) { + lb.logger.Infof("Switching mode. Is pick_first used for backends? %v", newUsePickFirst) } lb.refreshSubConns(lb.backendAddrs, lb.inFallback, newUsePickFirst) } @@ -453,8 +463,8 @@ func (lb *lbBalancer) ResolverError(error) { } func (lb *lbBalancer) UpdateClientConnState(ccs balancer.ClientConnState) error { - if logger.V(2) { - logger.Infof("lbBalancer: UpdateClientConnState: %+v", ccs) + if lb.logger.V(2) { + lb.logger.Infof("UpdateClientConnState: %s", pretty.ToJSON(ccs)) } gc, _ := ccs.BalancerConfig.(*grpclbServiceConfig) lb.handleServiceConfig(gc) @@ -482,7 +492,9 @@ func (lb *lbBalancer) UpdateClientConnState(ccs balancer.ClientConnState) error } else if lb.ccRemoteLB == nil { // First time receiving resolved addresses, create a cc to remote // balancers. - lb.newRemoteBalancerCCWrapper() + if err := lb.newRemoteBalancerCCWrapper(); err != nil { + return err + } // Start the fallback goroutine. go lb.fallbackToBackendsAfter(lb.fallbackTimeout) } diff --git a/vendor/google.golang.org/grpc/balancer/grpclb/grpclb_picker.go b/vendor/google.golang.org/grpc/balancer/grpclb/grpclb_picker.go index 39bc5cc71e..20c5f2ec39 100644 --- a/vendor/google.golang.org/grpc/balancer/grpclb/grpclb_picker.go +++ b/vendor/google.golang.org/grpc/balancer/grpclb/grpclb_picker.go @@ -98,15 +98,6 @@ func (s *rpcStats) knownReceived() { atomic.AddInt64(&s.numCallsFinished, 1) } -type errPicker struct { - // Pick always returns this err. - err error -} - -func (p *errPicker) Pick(balancer.PickInfo) (balancer.PickResult, error) { - return balancer.PickResult{}, p.err -} - // rrPicker does roundrobin on subConns. It's typically used when there's no // response from remote balancer, and grpclb falls back to the resolved // backends. diff --git a/vendor/google.golang.org/grpc/balancer/grpclb/grpclb_remote_balancer.go b/vendor/google.golang.org/grpc/balancer/grpclb/grpclb_remote_balancer.go index edb66a90a3..c8fe1edd8e 100644 --- a/vendor/google.golang.org/grpc/balancer/grpclb/grpclb_remote_balancer.go +++ b/vendor/google.golang.org/grpc/balancer/grpclb/grpclb_remote_balancer.go @@ -27,11 +27,8 @@ import ( "time" "github.com/golang/protobuf/proto" - timestamppb "github.com/golang/protobuf/ptypes/timestamp" - "github.com/google/go-cmp/cmp" "google.golang.org/grpc" "google.golang.org/grpc/balancer" - lbpb "google.golang.org/grpc/balancer/grpclb/grpc_lb_v1" "google.golang.org/grpc/connectivity" "google.golang.org/grpc/credentials/insecure" "google.golang.org/grpc/internal/backoff" @@ -39,13 +36,28 @@ import ( "google.golang.org/grpc/keepalive" "google.golang.org/grpc/metadata" "google.golang.org/grpc/resolver" + + timestamppb "github.com/golang/protobuf/ptypes/timestamp" + lbpb "google.golang.org/grpc/balancer/grpclb/grpc_lb_v1" ) +func serverListEqual(a, b []*lbpb.Server) bool { + if len(a) != len(b) { + return false + } + for i := 0; i < len(a); i++ { + if !proto.Equal(a[i], b[i]) { + return false + } + } + return true +} + // processServerList updates balancer's internal state, create/remove SubConns // and regenerates picker using the received serverList. func (lb *lbBalancer) processServerList(l *lbpb.ServerList) { - if logger.V(2) { - logger.Infof("lbBalancer: processing server list: %+v", l) + if lb.logger.V(2) { + lb.logger.Infof("Processing server list: %#v", l) } lb.mu.Lock() defer lb.mu.Unlock() @@ -55,9 +67,9 @@ func (lb *lbBalancer) processServerList(l *lbpb.ServerList) { lb.serverListReceived = true // If the new server list == old server list, do nothing. - if cmp.Equal(lb.fullServerList, l.Servers, cmp.Comparer(proto.Equal)) { - if logger.V(2) { - logger.Infof("lbBalancer: new serverlist same as the previous one, ignoring") + if serverListEqual(lb.fullServerList, l.Servers) { + if lb.logger.V(2) { + lb.logger.Infof("Ignoring new server list as it is the same as the previous one") } return } @@ -78,9 +90,8 @@ func (lb *lbBalancer) processServerList(l *lbpb.ServerList) { ipStr = fmt.Sprintf("[%s]", ipStr) } addr := imetadata.Set(resolver.Address{Addr: fmt.Sprintf("%s:%d", ipStr, s.Port)}, md) - if logger.V(2) { - logger.Infof("lbBalancer: server list entry[%d]: ipStr:|%s|, port:|%d|, load balancer token:|%v|", - i, ipStr, s.Port, s.LoadBalanceToken) + if lb.logger.V(2) { + lb.logger.Infof("Server list entry:|%d|, ipStr:|%s|, port:|%d|, load balancer token:|%v|", i, ipStr, s.Port, s.LoadBalanceToken) } backendAddrs = append(backendAddrs, addr) } @@ -149,7 +160,7 @@ func (lb *lbBalancer) refreshSubConns(backendAddrs []resolver.Address, fallback // This bypasses the cc wrapper with SubConn cache. sc, err := lb.cc.ClientConn.NewSubConn(backendAddrs, opts) if err != nil { - logger.Warningf("grpclb: failed to create new SubConn: %v", err) + lb.logger.Warningf("Failed to create new SubConn: %v", err) return } sc.Connect() @@ -174,7 +185,7 @@ func (lb *lbBalancer) refreshSubConns(backendAddrs []resolver.Address, fallback opts.StateListener = func(scs balancer.SubConnState) { lb.updateSubConnState(sc, scs) } sc, err := lb.cc.NewSubConn([]resolver.Address{addr}, opts) if err != nil { - logger.Warningf("grpclb: failed to create new SubConn: %v", err) + lb.logger.Warningf("Failed to create new SubConn: %v", err) continue } lb.subConns[addrWithoutAttrs] = sc // Use the addr without MD as key for the map. @@ -217,7 +228,7 @@ type remoteBalancerCCWrapper struct { wg sync.WaitGroup } -func (lb *lbBalancer) newRemoteBalancerCCWrapper() { +func (lb *lbBalancer) newRemoteBalancerCCWrapper() error { var dopts []grpc.DialOption if creds := lb.opt.DialCreds; creds != nil { dopts = append(dopts, grpc.WithTransportCredentials(creds)) @@ -248,9 +259,10 @@ func (lb *lbBalancer) newRemoteBalancerCCWrapper() { // // The grpclb server addresses will set field ServerName, and creds will // receive ServerName as authority. - cc, err := grpc.DialContext(context.Background(), lb.manualResolver.Scheme()+":///grpclb.subClientConn", dopts...) + target := lb.manualResolver.Scheme() + ":///grpclb.subClientConn" + cc, err := grpc.Dial(target, dopts...) if err != nil { - logger.Fatalf("failed to dial: %v", err) + return fmt.Errorf("grpc.Dial(%s): %v", target, err) } ccw := &remoteBalancerCCWrapper{ cc: cc, @@ -261,6 +273,7 @@ func (lb *lbBalancer) newRemoteBalancerCCWrapper() { lb.ccRemoteLB = ccw ccw.wg.Add(1) go ccw.watchRemoteBalancer() + return nil } // close closed the ClientConn to remote balancer, and waits until all @@ -408,9 +421,9 @@ func (ccw *remoteBalancerCCWrapper) watchRemoteBalancer() { default: if err != nil { if err == errServerTerminatedConnection { - logger.Info(err) + ccw.lb.logger.Infof("Call to remote balancer failed: %v", err) } else { - logger.Warning(err) + ccw.lb.logger.Warningf("Call to remote balancer failed: %v", err) } } } diff --git a/vendor/google.golang.org/grpc/balancer/grpclb/grpclb_util.go b/vendor/google.golang.org/grpc/balancer/grpclb/grpclb_util.go index 680779f1c8..c0f762c0c0 100644 --- a/vendor/google.golang.org/grpc/balancer/grpclb/grpclb_util.go +++ b/vendor/google.golang.org/grpc/balancer/grpclb/grpclb_util.go @@ -27,67 +27,6 @@ import ( "google.golang.org/grpc/resolver" ) -// The parent ClientConn should re-resolve when grpclb loses connection to the -// remote balancer. When the ClientConn inside grpclb gets a TransientFailure, -// it calls lbManualResolver.ResolveNow(), which calls parent ClientConn's -// ResolveNow, and eventually results in re-resolve happening in parent -// ClientConn's resolver (DNS for example). -// -// parent -// ClientConn -// +-----------------------------------------------------------------+ -// | parent +---------------------------------+ | -// | DNS ClientConn | grpclb | | -// | resolver balancerWrapper | | | -// | + + | grpclb grpclb | | -// | | | | ManualResolver ClientConn | | -// | | | | + + | | -// | | | | | | Transient | | -// | | | | | | Failure | | -// | | | | | <--------- | | | -// | | | <--------------- | ResolveNow | | | -// | | <--------- | ResolveNow | | | | | -// | | ResolveNow | | | | | | -// | | | | | | | | -// | + + | + + | | -// | +---------------------------------+ | -// +-----------------------------------------------------------------+ - -// lbManualResolver is used by the ClientConn inside grpclb. It's a manual -// resolver with a special ResolveNow() function. -// -// When ResolveNow() is called, it calls ResolveNow() on the parent ClientConn, -// so when grpclb client lose contact with remote balancers, the parent -// ClientConn's resolver will re-resolve. -type lbManualResolver struct { - scheme string - ccr resolver.ClientConn - - ccb balancer.ClientConn -} - -func (r *lbManualResolver) Build(_ resolver.Target, cc resolver.ClientConn, _ resolver.BuildOptions) (resolver.Resolver, error) { - r.ccr = cc - return r, nil -} - -func (r *lbManualResolver) Scheme() string { - return r.scheme -} - -// ResolveNow calls resolveNow on the parent ClientConn. -func (r *lbManualResolver) ResolveNow(o resolver.ResolveNowOptions) { - r.ccb.ResolveNow(o) -} - -// Close is a noop for Resolver. -func (*lbManualResolver) Close() {} - -// UpdateState calls cc.UpdateState. -func (r *lbManualResolver) UpdateState(s resolver.State) { - r.ccr.UpdateState(s) -} - const subConnCacheTime = time.Second * 10 // lbCacheClientConn is a wrapper balancer.ClientConn with a SubConn cache. diff --git a/vendor/google.golang.org/grpc/clientconn.go b/vendor/google.golang.org/grpc/clientconn.go index ff7fea1022..429c389e47 100644 --- a/vendor/google.golang.org/grpc/clientconn.go +++ b/vendor/google.golang.org/grpc/clientconn.go @@ -337,8 +337,8 @@ func (cc *ClientConn) exitIdleMode() error { return errConnClosing } if cc.idlenessState != ccIdlenessStateIdle { - cc.mu.Unlock() channelz.Infof(logger, cc.channelzID, "ClientConn asked to exit idle mode, current mode is %v", cc.idlenessState) + cc.mu.Unlock() return nil } @@ -404,13 +404,13 @@ func (cc *ClientConn) exitIdleMode() error { // name resolver, load balancer and any subchannels. func (cc *ClientConn) enterIdleMode() error { cc.mu.Lock() + defer cc.mu.Unlock() + if cc.conns == nil { - cc.mu.Unlock() return ErrClientConnClosing } if cc.idlenessState != ccIdlenessStateActive { - channelz.Errorf(logger, cc.channelzID, "ClientConn asked to enter idle mode, current mode is %v", cc.idlenessState) - cc.mu.Unlock() + channelz.Warningf(logger, cc.channelzID, "ClientConn asked to enter idle mode, current mode is %v", cc.idlenessState) return nil } @@ -431,14 +431,14 @@ func (cc *ClientConn) enterIdleMode() error { cc.balancerWrapper.enterIdleMode() cc.csMgr.updateState(connectivity.Idle) cc.idlenessState = ccIdlenessStateIdle - cc.mu.Unlock() + cc.addTraceEvent("entering idle mode") go func() { - cc.addTraceEvent("entering idle mode") for ac := range conns { ac.tearDown(errConnIdling) } }() + return nil } @@ -804,6 +804,12 @@ func init() { internal.SubscribeToConnectivityStateChanges = func(cc *ClientConn, s grpcsync.Subscriber) func() { return cc.csMgr.pubSub.Subscribe(s) } + internal.EnterIdleModeForTesting = func(cc *ClientConn) error { + return cc.enterIdleMode() + } + internal.ExitIdleModeForTesting = func(cc *ClientConn) error { + return cc.exitIdleMode() + } } func (cc *ClientConn) maybeApplyDefaultServiceConfig(addrs []resolver.Address) { diff --git a/vendor/google.golang.org/grpc/dialoptions.go b/vendor/google.golang.org/grpc/dialoptions.go index 1fd0d5c127..cfc9fd85e8 100644 --- a/vendor/google.golang.org/grpc/dialoptions.go +++ b/vendor/google.golang.org/grpc/dialoptions.go @@ -644,6 +644,7 @@ func defaultDialOptions() dialOptions { UseProxy: true, }, recvBufferPool: nopBufferPool{}, + idleTimeout: 30 * time.Minute, } } @@ -680,8 +681,8 @@ func WithResolvers(rs ...resolver.Builder) DialOption { // channel will exit idle mode when the Connect() method is called or when an // RPC is initiated. // -// By default this feature is disabled, which can also be explicitly configured -// by passing zero to this function. +// A default timeout of 30 minutes will be used if this dial option is not set +// at dial time and idleness can be disabled by passing a timeout of zero. // // # Experimental // diff --git a/vendor/google.golang.org/grpc/encoding/encoding.go b/vendor/google.golang.org/grpc/encoding/encoding.go index 69d5580b6a..5ebf88d714 100644 --- a/vendor/google.golang.org/grpc/encoding/encoding.go +++ b/vendor/google.golang.org/grpc/encoding/encoding.go @@ -38,6 +38,10 @@ const Identity = "identity" // Compressor is used for compressing and decompressing when sending or // receiving messages. +// +// If a Compressor implements `DecompressedSize(compressedBytes []byte) int`, +// gRPC will invoke it to determine the size of the buffer allocated for the +// result of decompression. A return value of -1 indicates unknown size. type Compressor interface { // Compress writes the data written to wc to w after compressing it. If an // error occurs while initializing the compressor, that error is returned @@ -51,15 +55,6 @@ type Compressor interface { // coding header. The result must be static; the result cannot change // between calls. Name() string - // If a Compressor implements - // DecompressedSize(compressedBytes []byte) int, gRPC will call it - // to determine the size of the buffer allocated for the result of decompression. - // Return -1 to indicate unknown size. - // - // Experimental - // - // Notice: This API is EXPERIMENTAL and may be changed or removed in a - // later release. } var registeredCompressor = make(map[string]Compressor) diff --git a/vendor/google.golang.org/grpc/health/grpc_health_v1/health_grpc.pb.go b/vendor/google.golang.org/grpc/health/grpc_health_v1/health_grpc.pb.go index a01a1b4d54..4439cda0f3 100644 --- a/vendor/google.golang.org/grpc/health/grpc_health_v1/health_grpc.pb.go +++ b/vendor/google.golang.org/grpc/health/grpc_health_v1/health_grpc.pb.go @@ -44,8 +44,15 @@ const ( // // For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. type HealthClient interface { - // If the requested service is unknown, the call will fail with status - // NOT_FOUND. + // Check gets the health of the specified service. If the requested service + // is unknown, the call will fail with status NOT_FOUND. If the caller does + // not specify a service name, the server should respond with its overall + // health status. + // + // Clients should set a deadline when calling Check, and can declare the + // server unhealthy if they do not receive a timely response. + // + // Check implementations should be idempotent and side effect free. Check(ctx context.Context, in *HealthCheckRequest, opts ...grpc.CallOption) (*HealthCheckResponse, error) // Performs a watch for the serving status of the requested service. // The server will immediately send back a message indicating the current @@ -118,8 +125,15 @@ func (x *healthWatchClient) Recv() (*HealthCheckResponse, error) { // All implementations should embed UnimplementedHealthServer // for forward compatibility type HealthServer interface { - // If the requested service is unknown, the call will fail with status - // NOT_FOUND. + // Check gets the health of the specified service. If the requested service + // is unknown, the call will fail with status NOT_FOUND. If the caller does + // not specify a service name, the server should respond with its overall + // health status. + // + // Clients should set a deadline when calling Check, and can declare the + // server unhealthy if they do not receive a timely response. + // + // Check implementations should be idempotent and side effect free. Check(context.Context, *HealthCheckRequest) (*HealthCheckResponse, error) // Performs a watch for the serving status of the requested service. // The server will immediately send back a message indicating the current diff --git a/vendor/google.golang.org/grpc/internal/backoff/backoff.go b/vendor/google.golang.org/grpc/internal/backoff/backoff.go index 5fc0ee3da5..fed1c011a3 100644 --- a/vendor/google.golang.org/grpc/internal/backoff/backoff.go +++ b/vendor/google.golang.org/grpc/internal/backoff/backoff.go @@ -23,6 +23,8 @@ package backoff import ( + "context" + "errors" "time" grpcbackoff "google.golang.org/grpc/backoff" @@ -71,3 +73,37 @@ func (bc Exponential) Backoff(retries int) time.Duration { } return time.Duration(backoff) } + +// ErrResetBackoff is the error to be returned by the function executed by RunF, +// to instruct the latter to reset its backoff state. +var ErrResetBackoff = errors.New("reset backoff state") + +// RunF provides a convenient way to run a function f repeatedly until the +// context expires or f returns a non-nil error that is not ErrResetBackoff. +// When f returns ErrResetBackoff, RunF continues to run f, but resets its +// backoff state before doing so. backoff accepts an integer representing the +// number of retries, and returns the amount of time to backoff. +func RunF(ctx context.Context, f func() error, backoff func(int) time.Duration) { + attempt := 0 + timer := time.NewTimer(0) + for ctx.Err() == nil { + select { + case <-timer.C: + case <-ctx.Done(): + timer.Stop() + return + } + + err := f() + if errors.Is(err, ErrResetBackoff) { + timer.Reset(0) + attempt = 0 + continue + } + if err != nil { + return + } + timer.Reset(backoff(attempt)) + attempt++ + } +} diff --git a/vendor/google.golang.org/grpc/internal/internal.go b/vendor/google.golang.org/grpc/internal/internal.go index c8a8c76d62..0d94c63e06 100644 --- a/vendor/google.golang.org/grpc/internal/internal.go +++ b/vendor/google.golang.org/grpc/internal/internal.go @@ -175,6 +175,12 @@ var ( // GRPCResolverSchemeExtraMetadata determines when gRPC will add extra // metadata to RPCs. GRPCResolverSchemeExtraMetadata string = "xds" + + // EnterIdleModeForTesting gets the ClientConn to enter IDLE mode. + EnterIdleModeForTesting any // func(*grpc.ClientConn) error + + // ExitIdleModeForTesting gets the ClientConn to exit IDLE mode. + ExitIdleModeForTesting any // func(*grpc.ClientConn) error ) // HealthChecker defines the signature of the client-side LB channel health checking function. diff --git a/vendor/google.golang.org/grpc/internal/status/status.go b/vendor/google.golang.org/grpc/internal/status/status.go index 4cf85cad9f..03ef2fedd5 100644 --- a/vendor/google.golang.org/grpc/internal/status/status.go +++ b/vendor/google.golang.org/grpc/internal/status/status.go @@ -43,6 +43,34 @@ type Status struct { s *spb.Status } +// NewWithProto returns a new status including details from statusProto. This +// is meant to be used by the gRPC library only. +func NewWithProto(code codes.Code, message string, statusProto []string) *Status { + if len(statusProto) != 1 { + // No grpc-status-details bin header, or multiple; just ignore. + return &Status{s: &spb.Status{Code: int32(code), Message: message}} + } + st := &spb.Status{} + if err := proto.Unmarshal([]byte(statusProto[0]), st); err != nil { + // Probably not a google.rpc.Status proto; do not provide details. + return &Status{s: &spb.Status{Code: int32(code), Message: message}} + } + if st.Code == int32(code) { + // The codes match between the grpc-status header and the + // grpc-status-details-bin header; use the full details proto. + return &Status{s: st} + } + return &Status{ + s: &spb.Status{ + Code: int32(codes.Internal), + Message: fmt.Sprintf( + "grpc-status-details-bin mismatch: grpc-status=%v, grpc-message=%q, grpc-status-details-bin=%+v", + code, message, st, + ), + }, + } +} + // New returns a Status representing c and msg. func New(c codes.Code, msg string) *Status { return &Status{s: &spb.Status{Code: int32(c), Message: msg}} diff --git a/vendor/google.golang.org/grpc/internal/transport/handler_server.go b/vendor/google.golang.org/grpc/internal/transport/handler_server.go index 98f80e3fa0..17f7a21b5a 100644 --- a/vendor/google.golang.org/grpc/internal/transport/handler_server.go +++ b/vendor/google.golang.org/grpc/internal/transport/handler_server.go @@ -220,18 +220,20 @@ func (ht *serverHandlerTransport) WriteStatus(s *Stream, st *status.Status) erro h.Set("Grpc-Message", encodeGrpcMessage(m)) } + s.hdrMu.Lock() if p := st.Proto(); p != nil && len(p.Details) > 0 { + delete(s.trailer, grpcStatusDetailsBinHeader) stBytes, err := proto.Marshal(p) if err != nil { // TODO: return error instead, when callers are able to handle it. panic(err) } - h.Set("Grpc-Status-Details-Bin", encodeBinHeader(stBytes)) + h.Set(grpcStatusDetailsBinHeader, encodeBinHeader(stBytes)) } - if md := s.Trailer(); len(md) > 0 { - for k, vv := range md { + if len(s.trailer) > 0 { + for k, vv := range s.trailer { // Clients don't tolerate reading restricted headers after some non restricted ones were sent. if isReservedHeader(k) { continue @@ -243,6 +245,7 @@ func (ht *serverHandlerTransport) WriteStatus(s *Stream, st *status.Status) erro } } } + s.hdrMu.Unlock() }) if err == nil { // transport has not been closed @@ -287,7 +290,7 @@ func (ht *serverHandlerTransport) writeCommonHeaders(s *Stream) { } // writeCustomHeaders sets custom headers set on the stream via SetHeader -// on the first write call (Write, WriteHeader, or WriteStatus). +// on the first write call (Write, WriteHeader, or WriteStatus) func (ht *serverHandlerTransport) writeCustomHeaders(s *Stream) { h := ht.rw.Header() @@ -344,7 +347,7 @@ func (ht *serverHandlerTransport) WriteHeader(s *Stream, md metadata.MD) error { return err } -func (ht *serverHandlerTransport) HandleStreams(startStream func(*Stream), traceCtx func(context.Context, string) context.Context) { +func (ht *serverHandlerTransport) HandleStreams(startStream func(*Stream)) { // With this transport type there will be exactly 1 stream: this HTTP request. ctx := ht.req.Context() diff --git a/vendor/google.golang.org/grpc/internal/transport/http2_client.go b/vendor/google.golang.org/grpc/internal/transport/http2_client.go index badab8acf3..d6f5c49358 100644 --- a/vendor/google.golang.org/grpc/internal/transport/http2_client.go +++ b/vendor/google.golang.org/grpc/internal/transport/http2_client.go @@ -1399,7 +1399,6 @@ func (t *http2Client) operateHeaders(frame *http2.MetaHeadersFrame) { mdata = make(map[string][]string) contentTypeErr = "malformed header: missing HTTP content-type" grpcMessage string - statusGen *status.Status recvCompress string httpStatusCode *int httpStatusErr string @@ -1434,12 +1433,6 @@ func (t *http2Client) operateHeaders(frame *http2.MetaHeadersFrame) { rawStatusCode = codes.Code(uint32(code)) case "grpc-message": grpcMessage = decodeGrpcMessage(hf.Value) - case "grpc-status-details-bin": - var err error - statusGen, err = decodeGRPCStatusDetails(hf.Value) - if err != nil { - headerError = fmt.Sprintf("transport: malformed grpc-status-details-bin: %v", err) - } case ":status": if hf.Value == "200" { httpStatusErr = "" @@ -1548,14 +1541,12 @@ func (t *http2Client) operateHeaders(frame *http2.MetaHeadersFrame) { return } - if statusGen == nil { - statusGen = status.New(rawStatusCode, grpcMessage) - } + status := istatus.NewWithProto(rawStatusCode, grpcMessage, mdata[grpcStatusDetailsBinHeader]) // If client received END_STREAM from server while stream was still active, // send RST_STREAM. rstStream := s.getState() == streamActive - t.closeStream(s, io.EOF, rstStream, http2.ErrCodeNo, statusGen, mdata, true) + t.closeStream(s, io.EOF, rstStream, http2.ErrCodeNo, status, mdata, true) } // readServerPreface reads and handles the initial settings frame from the diff --git a/vendor/google.golang.org/grpc/internal/transport/http2_server.go b/vendor/google.golang.org/grpc/internal/transport/http2_server.go index c06db679d8..6fa1eb4199 100644 --- a/vendor/google.golang.org/grpc/internal/transport/http2_server.go +++ b/vendor/google.golang.org/grpc/internal/transport/http2_server.go @@ -342,7 +342,7 @@ func NewServerTransport(conn net.Conn, config *ServerConfig) (_ ServerTransport, // operateHeaders takes action on the decoded headers. Returns an error if fatal // error encountered and transport needs to close, otherwise returns nil. -func (t *http2Server) operateHeaders(frame *http2.MetaHeadersFrame, handle func(*Stream), traceCtx func(context.Context, string) context.Context) error { +func (t *http2Server) operateHeaders(frame *http2.MetaHeadersFrame, handle func(*Stream)) error { // Acquire max stream ID lock for entire duration t.maxStreamMu.Lock() defer t.maxStreamMu.Unlock() @@ -561,7 +561,7 @@ func (t *http2Server) operateHeaders(frame *http2.MetaHeadersFrame, handle func( } if t.inTapHandle != nil { var err error - if s.ctx, err = t.inTapHandle(s.ctx, &tap.Info{FullMethodName: s.method}); err != nil { + if s.ctx, err = t.inTapHandle(s.ctx, &tap.Info{FullMethodName: s.method, Header: mdata}); err != nil { t.mu.Unlock() if t.logger.V(logLevel) { t.logger.Infof("Aborting the stream early due to InTapHandle failure: %v", err) @@ -592,7 +592,6 @@ func (t *http2Server) operateHeaders(frame *http2.MetaHeadersFrame, handle func( s.requestRead = func(n int) { t.adjustWindow(s, uint32(n)) } - s.ctx = traceCtx(s.ctx, s.method) for _, sh := range t.stats { s.ctx = sh.TagRPC(s.ctx, &stats.RPCTagInfo{FullMethodName: s.method}) inHeader := &stats.InHeader{ @@ -630,7 +629,7 @@ func (t *http2Server) operateHeaders(frame *http2.MetaHeadersFrame, handle func( // HandleStreams receives incoming streams using the given handler. This is // typically run in a separate goroutine. // traceCtx attaches trace to ctx and returns the new context. -func (t *http2Server) HandleStreams(handle func(*Stream), traceCtx func(context.Context, string) context.Context) { +func (t *http2Server) HandleStreams(handle func(*Stream)) { defer close(t.readerDone) for { t.controlBuf.throttle() @@ -665,7 +664,7 @@ func (t *http2Server) HandleStreams(handle func(*Stream), traceCtx func(context. } switch frame := frame.(type) { case *http2.MetaHeadersFrame: - if err := t.operateHeaders(frame, handle, traceCtx); err != nil { + if err := t.operateHeaders(frame, handle); err != nil { t.Close(err) break } @@ -1053,12 +1052,15 @@ func (t *http2Server) WriteStatus(s *Stream, st *status.Status) error { headerFields = append(headerFields, hpack.HeaderField{Name: "grpc-message", Value: encodeGrpcMessage(st.Message())}) if p := st.Proto(); p != nil && len(p.Details) > 0 { + // Do not use the user's grpc-status-details-bin (if present) if we are + // even attempting to set our own. + delete(s.trailer, grpcStatusDetailsBinHeader) stBytes, err := proto.Marshal(p) if err != nil { // TODO: return error instead, when callers are able to handle it. t.logger.Errorf("Failed to marshal rpc status: %s, error: %v", pretty.ToJSON(p), err) } else { - headerFields = append(headerFields, hpack.HeaderField{Name: "grpc-status-details-bin", Value: encodeBinHeader(stBytes)}) + headerFields = append(headerFields, hpack.HeaderField{Name: grpcStatusDetailsBinHeader, Value: encodeBinHeader(stBytes)}) } } diff --git a/vendor/google.golang.org/grpc/internal/transport/http_util.go b/vendor/google.golang.org/grpc/internal/transport/http_util.go index 1958140082..dc29d590e9 100644 --- a/vendor/google.golang.org/grpc/internal/transport/http_util.go +++ b/vendor/google.golang.org/grpc/internal/transport/http_util.go @@ -34,12 +34,9 @@ import ( "time" "unicode/utf8" - "github.com/golang/protobuf/proto" "golang.org/x/net/http2" "golang.org/x/net/http2/hpack" - spb "google.golang.org/genproto/googleapis/rpc/status" "google.golang.org/grpc/codes" - "google.golang.org/grpc/status" ) const ( @@ -88,6 +85,8 @@ var ( } ) +var grpcStatusDetailsBinHeader = "grpc-status-details-bin" + // isReservedHeader checks whether hdr belongs to HTTP2 headers // reserved by gRPC protocol. Any other headers are classified as the // user-specified metadata. @@ -103,7 +102,6 @@ func isReservedHeader(hdr string) bool { "grpc-message", "grpc-status", "grpc-timeout", - "grpc-status-details-bin", // Intentionally exclude grpc-previous-rpc-attempts and // grpc-retry-pushback-ms, which are "reserved", but their API // intentionally works via metadata. @@ -154,18 +152,6 @@ func decodeMetadataHeader(k, v string) (string, error) { return v, nil } -func decodeGRPCStatusDetails(rawDetails string) (*status.Status, error) { - v, err := decodeBinHeader(rawDetails) - if err != nil { - return nil, err - } - st := &spb.Status{} - if err = proto.Unmarshal(v, st); err != nil { - return nil, err - } - return status.FromProto(st), nil -} - type timeoutUnit uint8 const ( diff --git a/vendor/google.golang.org/grpc/internal/transport/transport.go b/vendor/google.golang.org/grpc/internal/transport/transport.go index 74a811fc05..aac056e723 100644 --- a/vendor/google.golang.org/grpc/internal/transport/transport.go +++ b/vendor/google.golang.org/grpc/internal/transport/transport.go @@ -698,7 +698,7 @@ type ClientTransport interface { // Write methods for a given Stream will be called serially. type ServerTransport interface { // HandleStreams receives incoming streams using the given handler. - HandleStreams(func(*Stream), func(context.Context, string) context.Context) + HandleStreams(func(*Stream)) // WriteHeader sends the header metadata for the given stream. // WriteHeader may not be called on all streams. diff --git a/vendor/google.golang.org/grpc/resolver/manual/manual.go b/vendor/google.golang.org/grpc/resolver/manual/manual.go new file mode 100644 index 0000000000..0a4262342f --- /dev/null +++ b/vendor/google.golang.org/grpc/resolver/manual/manual.go @@ -0,0 +1,119 @@ +/* + * + * Copyright 2017 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +// Package manual defines a resolver that can be used to manually send resolved +// addresses to ClientConn. +package manual + +import ( + "sync" + + "google.golang.org/grpc/resolver" +) + +// NewBuilderWithScheme creates a new manual resolver builder with the given +// scheme. Every instance of the manual resolver may only ever be used with a +// single grpc.ClientConn. Otherwise, bad things will happen. +func NewBuilderWithScheme(scheme string) *Resolver { + return &Resolver{ + BuildCallback: func(resolver.Target, resolver.ClientConn, resolver.BuildOptions) {}, + UpdateStateCallback: func(error) {}, + ResolveNowCallback: func(resolver.ResolveNowOptions) {}, + CloseCallback: func() {}, + scheme: scheme, + } +} + +// Resolver is also a resolver builder. +// It's build() function always returns itself. +type Resolver struct { + // BuildCallback is called when the Build method is called. Must not be + // nil. Must not be changed after the resolver may be built. + BuildCallback func(resolver.Target, resolver.ClientConn, resolver.BuildOptions) + // UpdateStateCallback is called when the UpdateState method is called on + // the resolver. The value passed as argument to this callback is the value + // returned by the resolver.ClientConn. Must not be nil. Must not be + // changed after the resolver may be built. + UpdateStateCallback func(err error) + // ResolveNowCallback is called when the ResolveNow method is called on the + // resolver. Must not be nil. Must not be changed after the resolver may + // be built. + ResolveNowCallback func(resolver.ResolveNowOptions) + // CloseCallback is called when the Close method is called. Must not be + // nil. Must not be changed after the resolver may be built. + CloseCallback func() + scheme string + + // Fields actually belong to the resolver. + // Guards access to below fields. + mu sync.Mutex + CC resolver.ClientConn + // Storing the most recent state update makes this resolver resilient to + // restarts, which is possible with channel idleness. + lastSeenState *resolver.State +} + +// InitialState adds initial state to the resolver so that UpdateState doesn't +// need to be explicitly called after Dial. +func (r *Resolver) InitialState(s resolver.State) { + r.lastSeenState = &s +} + +// Build returns itself for Resolver, because it's both a builder and a resolver. +func (r *Resolver) Build(target resolver.Target, cc resolver.ClientConn, opts resolver.BuildOptions) (resolver.Resolver, error) { + r.BuildCallback(target, cc, opts) + r.mu.Lock() + r.CC = cc + if r.lastSeenState != nil { + err := r.CC.UpdateState(*r.lastSeenState) + go r.UpdateStateCallback(err) + } + r.mu.Unlock() + return r, nil +} + +// Scheme returns the manual resolver's scheme. +func (r *Resolver) Scheme() string { + return r.scheme +} + +// ResolveNow is a noop for Resolver. +func (r *Resolver) ResolveNow(o resolver.ResolveNowOptions) { + r.ResolveNowCallback(o) +} + +// Close is a noop for Resolver. +func (r *Resolver) Close() { + r.CloseCallback() +} + +// UpdateState calls CC.UpdateState. +func (r *Resolver) UpdateState(s resolver.State) { + r.mu.Lock() + err := r.CC.UpdateState(s) + r.lastSeenState = &s + r.mu.Unlock() + r.UpdateStateCallback(err) +} + +// ReportError calls CC.ReportError. +func (r *Resolver) ReportError(err error) { + r.mu.Lock() + r.CC.ReportError(err) + r.mu.Unlock() +} diff --git a/vendor/google.golang.org/grpc/server.go b/vendor/google.golang.org/grpc/server.go index eeae92fbe0..8f60d42143 100644 --- a/vendor/google.golang.org/grpc/server.go +++ b/vendor/google.golang.org/grpc/server.go @@ -983,7 +983,7 @@ func (s *Server) serveStreams(st transport.ServerTransport) { f := func() { defer streamQuota.release() defer wg.Done() - s.handleStream(st, stream, s.traceInfo(st, stream)) + s.handleStream(st, stream) } if s.opts.numServerWorkers > 0 { @@ -995,12 +995,6 @@ func (s *Server) serveStreams(st transport.ServerTransport) { } } go f() - }, func(ctx context.Context, method string) context.Context { - if !EnableTracing { - return ctx - } - tr := trace.New("grpc.Recv."+methodFamily(method), method) - return trace.NewContext(ctx, tr) }) wg.Wait() } @@ -1049,30 +1043,6 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) { s.serveStreams(st) } -// traceInfo returns a traceInfo and associates it with stream, if tracing is enabled. -// If tracing is not enabled, it returns nil. -func (s *Server) traceInfo(st transport.ServerTransport, stream *transport.Stream) (trInfo *traceInfo) { - if !EnableTracing { - return nil - } - tr, ok := trace.FromContext(stream.Context()) - if !ok { - return nil - } - - trInfo = &traceInfo{ - tr: tr, - firstLine: firstLine{ - client: false, - remoteAddr: st.RemoteAddr(), - }, - } - if dl, ok := stream.Context().Deadline(); ok { - trInfo.firstLine.deadline = time.Until(dl) - } - return trInfo -} - func (s *Server) addConn(addr string, st transport.ServerTransport) bool { s.mu.Lock() defer s.mu.Unlock() @@ -1133,7 +1103,7 @@ func (s *Server) incrCallsFailed() { atomic.AddInt64(&s.czData.callsFailed, 1) } -func (s *Server) sendResponse(t transport.ServerTransport, stream *transport.Stream, msg any, cp Compressor, opts *transport.Options, comp encoding.Compressor) error { +func (s *Server) sendResponse(ctx context.Context, t transport.ServerTransport, stream *transport.Stream, msg any, cp Compressor, opts *transport.Options, comp encoding.Compressor) error { data, err := encode(s.getCodec(stream.ContentSubtype()), msg) if err != nil { channelz.Error(logger, s.channelzID, "grpc: server failed to encode response: ", err) @@ -1152,7 +1122,7 @@ func (s *Server) sendResponse(t transport.ServerTransport, stream *transport.Str err = t.Write(stream, hdr, payload, opts) if err == nil { for _, sh := range s.opts.statsHandlers { - sh.HandleRPC(stream.Context(), outPayload(false, msg, data, payload, time.Now())) + sh.HandleRPC(ctx, outPayload(false, msg, data, payload, time.Now())) } } return err @@ -1194,7 +1164,7 @@ func getChainUnaryHandler(interceptors []UnaryServerInterceptor, curr int, info } } -func (s *Server) processUnaryRPC(t transport.ServerTransport, stream *transport.Stream, info *serviceInfo, md *MethodDesc, trInfo *traceInfo) (err error) { +func (s *Server) processUnaryRPC(ctx context.Context, t transport.ServerTransport, stream *transport.Stream, info *serviceInfo, md *MethodDesc, trInfo *traceInfo) (err error) { shs := s.opts.statsHandlers if len(shs) != 0 || trInfo != nil || channelz.IsOn() { if channelz.IsOn() { @@ -1208,7 +1178,7 @@ func (s *Server) processUnaryRPC(t transport.ServerTransport, stream *transport. IsClientStream: false, IsServerStream: false, } - sh.HandleRPC(stream.Context(), statsBegin) + sh.HandleRPC(ctx, statsBegin) } if trInfo != nil { trInfo.tr.LazyLog(&trInfo.firstLine, false) @@ -1240,7 +1210,7 @@ func (s *Server) processUnaryRPC(t transport.ServerTransport, stream *transport. if err != nil && err != io.EOF { end.Error = toRPCErr(err) } - sh.HandleRPC(stream.Context(), end) + sh.HandleRPC(ctx, end) } if channelz.IsOn() { @@ -1262,7 +1232,6 @@ func (s *Server) processUnaryRPC(t transport.ServerTransport, stream *transport. } } if len(binlogs) != 0 { - ctx := stream.Context() md, _ := metadata.FromIncomingContext(ctx) logEntry := &binarylog.ClientHeader{ Header: md, @@ -1348,7 +1317,7 @@ func (s *Server) processUnaryRPC(t transport.ServerTransport, stream *transport. return status.Errorf(codes.Internal, "grpc: error unmarshalling request: %v", err) } for _, sh := range shs { - sh.HandleRPC(stream.Context(), &stats.InPayload{ + sh.HandleRPC(ctx, &stats.InPayload{ RecvTime: time.Now(), Payload: v, Length: len(d), @@ -1362,7 +1331,7 @@ func (s *Server) processUnaryRPC(t transport.ServerTransport, stream *transport. Message: d, } for _, binlog := range binlogs { - binlog.Log(stream.Context(), cm) + binlog.Log(ctx, cm) } } if trInfo != nil { @@ -1370,7 +1339,7 @@ func (s *Server) processUnaryRPC(t transport.ServerTransport, stream *transport. } return nil } - ctx := NewContextWithServerTransportStream(stream.Context(), stream) + ctx = NewContextWithServerTransportStream(ctx, stream) reply, appErr := md.Handler(info.serviceImpl, ctx, df, s.opts.unaryInt) if appErr != nil { appStatus, ok := status.FromError(appErr) @@ -1395,7 +1364,7 @@ func (s *Server) processUnaryRPC(t transport.ServerTransport, stream *transport. Header: h, } for _, binlog := range binlogs { - binlog.Log(stream.Context(), sh) + binlog.Log(ctx, sh) } } st := &binarylog.ServerTrailer{ @@ -1403,7 +1372,7 @@ func (s *Server) processUnaryRPC(t transport.ServerTransport, stream *transport. Err: appErr, } for _, binlog := range binlogs { - binlog.Log(stream.Context(), st) + binlog.Log(ctx, st) } } return appErr @@ -1418,7 +1387,7 @@ func (s *Server) processUnaryRPC(t transport.ServerTransport, stream *transport. if stream.SendCompress() != sendCompressorName { comp = encoding.GetCompressor(stream.SendCompress()) } - if err := s.sendResponse(t, stream, reply, cp, opts, comp); err != nil { + if err := s.sendResponse(ctx, t, stream, reply, cp, opts, comp); err != nil { if err == io.EOF { // The entire stream is done (for unary RPC only). return err @@ -1445,8 +1414,8 @@ func (s *Server) processUnaryRPC(t transport.ServerTransport, stream *transport. Err: appErr, } for _, binlog := range binlogs { - binlog.Log(stream.Context(), sh) - binlog.Log(stream.Context(), st) + binlog.Log(ctx, sh) + binlog.Log(ctx, st) } } return err @@ -1460,8 +1429,8 @@ func (s *Server) processUnaryRPC(t transport.ServerTransport, stream *transport. Message: reply, } for _, binlog := range binlogs { - binlog.Log(stream.Context(), sh) - binlog.Log(stream.Context(), sm) + binlog.Log(ctx, sh) + binlog.Log(ctx, sm) } } if channelz.IsOn() { @@ -1479,7 +1448,7 @@ func (s *Server) processUnaryRPC(t transport.ServerTransport, stream *transport. Err: appErr, } for _, binlog := range binlogs { - binlog.Log(stream.Context(), st) + binlog.Log(ctx, st) } } return t.WriteStatus(stream, statusOK) @@ -1521,7 +1490,7 @@ func getChainStreamHandler(interceptors []StreamServerInterceptor, curr int, inf } } -func (s *Server) processStreamingRPC(t transport.ServerTransport, stream *transport.Stream, info *serviceInfo, sd *StreamDesc, trInfo *traceInfo) (err error) { +func (s *Server) processStreamingRPC(ctx context.Context, t transport.ServerTransport, stream *transport.Stream, info *serviceInfo, sd *StreamDesc, trInfo *traceInfo) (err error) { if channelz.IsOn() { s.incrCallsStarted() } @@ -1535,10 +1504,10 @@ func (s *Server) processStreamingRPC(t transport.ServerTransport, stream *transp IsServerStream: sd.ServerStreams, } for _, sh := range shs { - sh.HandleRPC(stream.Context(), statsBegin) + sh.HandleRPC(ctx, statsBegin) } } - ctx := NewContextWithServerTransportStream(stream.Context(), stream) + ctx = NewContextWithServerTransportStream(ctx, stream) ss := &serverStream{ ctx: ctx, t: t, @@ -1574,7 +1543,7 @@ func (s *Server) processStreamingRPC(t transport.ServerTransport, stream *transp end.Error = toRPCErr(err) } for _, sh := range shs { - sh.HandleRPC(stream.Context(), end) + sh.HandleRPC(ctx, end) } } @@ -1616,7 +1585,7 @@ func (s *Server) processStreamingRPC(t transport.ServerTransport, stream *transp logEntry.PeerAddr = peer.Addr } for _, binlog := range ss.binlogs { - binlog.Log(stream.Context(), logEntry) + binlog.Log(ctx, logEntry) } } @@ -1694,7 +1663,7 @@ func (s *Server) processStreamingRPC(t transport.ServerTransport, stream *transp Err: appErr, } for _, binlog := range ss.binlogs { - binlog.Log(stream.Context(), st) + binlog.Log(ctx, st) } } t.WriteStatus(ss.s, appStatus) @@ -1712,33 +1681,50 @@ func (s *Server) processStreamingRPC(t transport.ServerTransport, stream *transp Err: appErr, } for _, binlog := range ss.binlogs { - binlog.Log(stream.Context(), st) + binlog.Log(ctx, st) } } return t.WriteStatus(ss.s, statusOK) } -func (s *Server) handleStream(t transport.ServerTransport, stream *transport.Stream, trInfo *traceInfo) { +func (s *Server) handleStream(t transport.ServerTransport, stream *transport.Stream) { + ctx := stream.Context() + var ti *traceInfo + if EnableTracing { + tr := trace.New("grpc.Recv."+methodFamily(stream.Method()), stream.Method()) + ctx = trace.NewContext(ctx, tr) + ti = &traceInfo{ + tr: tr, + firstLine: firstLine{ + client: false, + remoteAddr: t.RemoteAddr(), + }, + } + if dl, ok := ctx.Deadline(); ok { + ti.firstLine.deadline = time.Until(dl) + } + } + sm := stream.Method() if sm != "" && sm[0] == '/' { sm = sm[1:] } pos := strings.LastIndex(sm, "/") if pos == -1 { - if trInfo != nil { - trInfo.tr.LazyLog(&fmtStringer{"Malformed method name %q", []any{sm}}, true) - trInfo.tr.SetError() + if ti != nil { + ti.tr.LazyLog(&fmtStringer{"Malformed method name %q", []any{sm}}, true) + ti.tr.SetError() } errDesc := fmt.Sprintf("malformed method name: %q", stream.Method()) if err := t.WriteStatus(stream, status.New(codes.Unimplemented, errDesc)); err != nil { - if trInfo != nil { - trInfo.tr.LazyLog(&fmtStringer{"%v", []any{err}}, true) - trInfo.tr.SetError() + if ti != nil { + ti.tr.LazyLog(&fmtStringer{"%v", []any{err}}, true) + ti.tr.SetError() } channelz.Warningf(logger, s.channelzID, "grpc: Server.handleStream failed to write status: %v", err) } - if trInfo != nil { - trInfo.tr.Finish() + if ti != nil { + ti.tr.Finish() } return } @@ -1748,17 +1734,17 @@ func (s *Server) handleStream(t transport.ServerTransport, stream *transport.Str srv, knownService := s.services[service] if knownService { if md, ok := srv.methods[method]; ok { - s.processUnaryRPC(t, stream, srv, md, trInfo) + s.processUnaryRPC(ctx, t, stream, srv, md, ti) return } if sd, ok := srv.streams[method]; ok { - s.processStreamingRPC(t, stream, srv, sd, trInfo) + s.processStreamingRPC(ctx, t, stream, srv, sd, ti) return } } // Unknown service, or known server unknown method. if unknownDesc := s.opts.unknownStreamDesc; unknownDesc != nil { - s.processStreamingRPC(t, stream, nil, unknownDesc, trInfo) + s.processStreamingRPC(ctx, t, stream, nil, unknownDesc, ti) return } var errDesc string @@ -1767,19 +1753,19 @@ func (s *Server) handleStream(t transport.ServerTransport, stream *transport.Str } else { errDesc = fmt.Sprintf("unknown method %v for service %v", method, service) } - if trInfo != nil { - trInfo.tr.LazyPrintf("%s", errDesc) - trInfo.tr.SetError() + if ti != nil { + ti.tr.LazyPrintf("%s", errDesc) + ti.tr.SetError() } if err := t.WriteStatus(stream, status.New(codes.Unimplemented, errDesc)); err != nil { - if trInfo != nil { - trInfo.tr.LazyLog(&fmtStringer{"%v", []any{err}}, true) - trInfo.tr.SetError() + if ti != nil { + ti.tr.LazyLog(&fmtStringer{"%v", []any{err}}, true) + ti.tr.SetError() } channelz.Warningf(logger, s.channelzID, "grpc: Server.handleStream failed to write status: %v", err) } - if trInfo != nil { - trInfo.tr.Finish() + if ti != nil { + ti.tr.Finish() } } diff --git a/vendor/google.golang.org/grpc/tap/tap.go b/vendor/google.golang.org/grpc/tap/tap.go index bfa5dfa40e..07f0125768 100644 --- a/vendor/google.golang.org/grpc/tap/tap.go +++ b/vendor/google.golang.org/grpc/tap/tap.go @@ -27,6 +27,8 @@ package tap import ( "context" + + "google.golang.org/grpc/metadata" ) // Info defines the relevant information needed by the handles. @@ -34,6 +36,10 @@ type Info struct { // FullMethodName is the string of grpc method (in the format of // /package.service/method). FullMethodName string + + // Header contains the header metadata received. + Header metadata.MD + // TODO: More to be added. } diff --git a/vendor/google.golang.org/grpc/version.go b/vendor/google.golang.org/grpc/version.go index 724ad21021..6d2cadd79a 100644 --- a/vendor/google.golang.org/grpc/version.go +++ b/vendor/google.golang.org/grpc/version.go @@ -19,4 +19,4 @@ package grpc // Version is the current grpc version. -const Version = "1.58.3" +const Version = "1.59.0" diff --git a/vendor/google.golang.org/grpc/vet.sh b/vendor/google.golang.org/grpc/vet.sh index bbc9e2e3c8..bb480f1f9c 100644 --- a/vendor/google.golang.org/grpc/vet.sh +++ b/vendor/google.golang.org/grpc/vet.sh @@ -93,6 +93,9 @@ git grep -l -e 'grpclog.I' --or -e 'grpclog.W' --or -e 'grpclog.E' --or -e 'grpc # - Ensure all ptypes proto packages are renamed when importing. not git grep "\(import \|^\s*\)\"github.com/golang/protobuf/ptypes/" -- "*.go" +# - Ensure all usages of grpc_testing package are renamed when importing. +not git grep "\(import \|^\s*\)\"google.golang.org/grpc/interop/grpc_testing" -- "*.go" + # - Ensure all xds proto imports are renamed to *pb or *grpc. git grep '"github.com/envoyproxy/go-control-plane/envoy' -- '*.go' ':(exclude)*.pb.go' | not grep -v 'pb "\|grpc "' diff --git a/vendor/knative.dev/hack/codegen-library.sh b/vendor/knative.dev/hack/codegen-library.sh index d9cf1ce7ea..0f21d457ef 100644 --- a/vendor/knative.dev/hack/codegen-library.sh +++ b/vendor/knative.dev/hack/codegen-library.sh @@ -31,5 +31,5 @@ export GOBIN=${GOPATH}/bin # Set GOBIN explicitly as deepcopy-gen is installed b export CODEGEN_PKG=${CODEGEN_PKG:-$(cd ${REPO_ROOT_DIR}; ls -d -1 ./vendor/k8s.io/code-generator 2>/dev/null || echo ../code-generator)} export KNATIVE_CODEGEN_PKG=${KNATIVE_CODEGEN_PKG:-$(cd ${REPO_ROOT_DIR}; ls -d -1 ./vendor/knative.dev/pkg 2>/dev/null || echo "${REPO_ROOT_DIR}")} -chmod +x ${CODEGEN_PKG}/generate-groups.sh -chmod +x ${KNATIVE_CODEGEN_PKG}/hack/generate-knative.sh +[ -x ${CODEGEN_PKG}/generate-groups.sh ] || chmod +x ${CODEGEN_PKG}/generate-groups.sh +[ -x ${KNATIVE_CODEGEN_PKG}/hack/generate-knative.sh ] || chmod +x ${KNATIVE_CODEGEN_PKG}/hack/generate-knative.sh diff --git a/vendor/modules.txt b/vendor/modules.txt index f100446d81..d4bc055d23 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -328,9 +328,9 @@ github.com/manifestival/manifestival/internal/sources # github.com/mattn/go-ieproxy v0.0.1 ## explicit; go 1.14 github.com/mattn/go-ieproxy -# github.com/matttproud/golang_protobuf_extensions v1.0.4 -## explicit; go 1.9 -github.com/matttproud/golang_protobuf_extensions/pbutil +# github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 +## explicit; go 1.19 +github.com/matttproud/golang_protobuf_extensions/v2/pbutil # github.com/mitchellh/go-homedir v1.1.0 ## explicit github.com/mitchellh/go-homedir @@ -374,8 +374,8 @@ github.com/prometheus/client_golang/prometheus/promhttp # github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16 ## explicit; go 1.18 github.com/prometheus/client_model/go -# github.com/prometheus/common v0.44.0 -## explicit; go 1.18 +# github.com/prometheus/common v0.45.0 +## explicit; go 1.20 github.com/prometheus/common/expfmt github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg github.com/prometheus/common/model @@ -567,7 +567,7 @@ golang.org/x/xerrors/internal # gomodules.xyz/jsonpatch/v2 v2.4.0 ## explicit; go 1.20 gomodules.xyz/jsonpatch/v2 -# google.golang.org/api v0.147.0 +# google.golang.org/api v0.148.0 ## explicit; go 1.19 google.golang.org/api/googleapi google.golang.org/api/googleapi/transport @@ -610,12 +610,12 @@ google.golang.org/genproto/protobuf/field_mask google.golang.org/genproto/googleapis/api google.golang.org/genproto/googleapis/api/annotations google.golang.org/genproto/googleapis/api/httpbody -# google.golang.org/genproto/googleapis/rpc v0.0.0-20231009173412-8bfb1ae86b6c +# google.golang.org/genproto/googleapis/rpc v0.0.0-20231012201019-e917dd12ba7a ## explicit; go 1.19 google.golang.org/genproto/googleapis/rpc/code google.golang.org/genproto/googleapis/rpc/errdetails google.golang.org/genproto/googleapis/rpc/status -# google.golang.org/grpc v1.58.3 +# google.golang.org/grpc v1.59.0 ## explicit; go 1.19 google.golang.org/grpc google.golang.org/grpc/attributes @@ -675,6 +675,7 @@ google.golang.org/grpc/keepalive google.golang.org/grpc/metadata google.golang.org/grpc/peer google.golang.org/grpc/resolver +google.golang.org/grpc/resolver/manual google.golang.org/grpc/serviceconfig google.golang.org/grpc/stats google.golang.org/grpc/status @@ -1267,7 +1268,7 @@ k8s.io/utils/net k8s.io/utils/pointer k8s.io/utils/strings/slices k8s.io/utils/trace -# knative.dev/caching v0.0.0-20231017130712-54d0758671ef +# knative.dev/caching v0.0.0-20231023174851-e3e39c3f4bff ## explicit; go 1.18 knative.dev/caching/pkg/apis/caching knative.dev/caching/pkg/apis/caching/v1alpha1 @@ -1360,7 +1361,7 @@ knative.dev/eventing/test/upgrade/prober/wathola/fetcher knative.dev/eventing/test/upgrade/prober/wathola/forwarder knative.dev/eventing/test/upgrade/prober/wathola/receiver knative.dev/eventing/test/upgrade/prober/wathola/sender -# knative.dev/hack v0.0.0-20231016131700-2c938d4918da +# knative.dev/hack v0.0.0-20231025074238-d4af42e9b222 ## explicit; go 1.18 knative.dev/hack knative.dev/hack/shell @@ -1379,7 +1380,7 @@ knative.dev/networking/pkg/http/probe knative.dev/networking/pkg/http/proxy knative.dev/networking/pkg/http/stats knative.dev/networking/pkg/k8s -# knative.dev/pkg v0.0.0-20231023151236-29775d7c9e5c +# knative.dev/pkg v0.0.0-20231023152443-b7a62c0b7003 ## explicit; go 1.18 knative.dev/pkg/apiextensions/storageversion knative.dev/pkg/apiextensions/storageversion/cmd/migrate